Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Beego Framework Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2021-27117)

Description

An issue was discovered in file profile.go in function GetCPUProfile in beego through 2.0.2, allows attackers to launch symlink attacks locally.

Remediation

References

Related Vulnerabilities

Joomla! Core 3.x.x Cross-Site Scripting (3.6.0 - 3.9.6)

WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-4898)

WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Cross-Site Request Forgery (3.8.9)

WordPress Plugin Social Media Share Buttons & Social Sharing Icons Multiple Unspecified Vulnerabilities (1.2.1)

Joomla External Control of File Name or Path Vulnerability (CVE-2026-23898)

Severity

High

Classification

CVE-2021-27117 CWE-59 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities