Description elgg is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Remediation References CVE-2021-4072 Related Vulnerabilities WordPress Plugin FCChat Widget 'Upload.php' Arbitrary File Upload (2.2.13.1) Drupal Core 6.x Cross-Site Scripting (6.0 - 6.11) PHP CVE-2008-2051 Vulnerability (CVE-2008-2051) WordPress 4.8.x Multiple Vulnerabilities (4.8 - 4.8.12) WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-0287) Severity Medium Classification CVE-2021-4072 CWE-707 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Tags Missing Update Known Vulnerabilities