elgg/elgg Security Advisories for 3.0.0-rc.1 (3)
-
[MEDIUM] elgg is vulnerable to Cross-site Scripting
PKSA-pjyk-yn13-77hx CVE-2021-4072 GHSA-2xw8-j43j-5vxp
Affected version: <3.3.24
Reported by:
GitHub -
[HIGH] Information exposure in elgg
PKSA-jdq5-2ddx-y7v4 CVE-2021-3980 GHSA-hx6g-q9v2-xh7v
Affected version: >=4.0.0,<4.0.5|<3.3.23
Reported by:
GitHub -
[MEDIUM] elgg is vulnerable to Authorization Bypass Through User-Controlled Key
PKSA-7tbr-h4rs-9dzc CVE-2021-3964 GHSA-gwpx-q2h9-wxgx
Affected version: <3.3.22
Reported by:
GitHub