Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Beego Framework CVE-2021-30080 Vulnerability (CVE-2021-30080)

Description

An issue was discovered in the route lookup process in beego through 2.0.1, allows attackers to bypass access control.

Remediation

References

Related Vulnerabilities

Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-38269)

WordPress Plugin PhonePe Payment Solutions Server-Side Request Forgery (1.0.15)

Nginx Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2009-3898)

WordPress Plugin Login Security Solution Multiple Unspecified Vulnerabilities (0.50.0)

Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1599)

Severity

Critical

Classification

CVE-2021-30080 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities