Description Forgotten password reset functionality for local accounts can be used to bypass local authentication checks. Remediation References CVE-2021-27654 Related Vulnerabilities SharePoint Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-0971) WordPress Plugin IP Logger Arbitrary File Upload (3.1) WordPress Plugin Shortcode Addons-with Visual Composer, Divi, Beaver Builder and Elementor Extension Arbitrary File Upload (3.2.5) MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42045) Mailman Other Vulnerability (CVE-2000-0861) Severity High Classification CVE-2021-27654 CWE-640 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Tags Missing Update Known Vulnerabilities