elgg/elgg Security Advisories for 2.3.4 (4)
-
[MEDIUM] Elgg open redirect
PKSA-9d94-fkf8-54hw CVE-2019-11016 GHSA-r6h7-846c-8m78
Affected version: >=2.3.0,<2.3.11|<1.12.18
Reported by:
GitHub -
[MEDIUM] elgg is vulnerable to Cross-site Scripting
PKSA-pjyk-yn13-77hx CVE-2021-4072 GHSA-2xw8-j43j-5vxp
Affected version: <3.3.24
Reported by:
GitHub -
[HIGH] Information exposure in elgg
PKSA-jdq5-2ddx-y7v4 CVE-2021-3980 GHSA-hx6g-q9v2-xh7v
Affected version: >=4.0.0,<4.0.5|<3.3.23
Reported by:
GitHub -
[MEDIUM] elgg is vulnerable to Authorization Bypass Through User-Controlled Key
PKSA-7tbr-h4rs-9dzc CVE-2021-3964 GHSA-gwpx-q2h9-wxgx
Affected version: <3.3.22
Reported by:
GitHub