Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Elgg Exposure of Private Personal Information to an Unauthorized Actor Vulnerability (CVE-2021-3980)

Description

elgg is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor

Remediation

References

Related Vulnerabilities

WordPress 3.7.x Multiple Vulnerabilities (3.7 - 3.7.27)

Joomla! Core 1.5.x Cross-Site Scripting (1.5.0 - 1.5.10)

WordPress Plugin Download Monitor 'dlsearch' Parameter Cross-Site Scripting (3.3.5.8)

WordPress Plugin flickrRSS Multiple Vulnerabilities (5.3.1)

WordPress Plugin Easy PayPal Gift Certificate Multiple Vulnerabilities (1.2.3)

Severity

High

Classification

CVE-2021-3980 CWE-359 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities