Lucene search
@huntrdevCVELIST:CVE-2021-3980HistoryDec 03, 2021 - 3:05 p.m.
CVE-2021-3980 Exposure of Private Personal Information to an Unauthorized Actor in elgg/elgg
2021-12-0315:05:10
CWE-359
@huntrdev
www.cve.org
3
elgg
vulnerability
personal information
unauthorized actor
cve
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS
0.002
Percentile
58.6%
elgg is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor
CNA Affected
[
{
"product": "elgg/elgg",
"vendor": "elgg",
"versions": [
{
"lessThan": "3.3.23",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
cve
cve
CVE-2021-3980
2021-12-03 15:15:08
prion
prion
Code injection
2021-12-03 15:15:00
nvd
nvd
CVE-2021-3980
2021-12-03 15:15:08
huntr
huntr
in elgg/elgg
2021-11-18 14:44:17
veracode
veracode
Information Disclosure
2021-12-06 06:21:56
osv
osv
Information exposure in elgg
2021-12-16 15:30:48
CVE-2021-3980
2021-12-03 15:15:08
github
github
Information exposure in elgg
2021-12-16 15:30:48
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS
0.002
Percentile
58.6%
Related for CVELIST:CVE-2021-3980