CVE-2021-21276

🗓️ 01 Feb 2021 15:13:15Reported by [email protected]Type

Polr open source URL shortener 2.3.0 setup vulnerability allows attackers to gain admin acces

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 8
Cvelist	CVE-2021-21276 Privilege escalation in Polr	1 Feb 202100:00	–	cvelist
0day.today	POLR URL 2.3.0 - Shortener Admin Account Takeover Exploit	6 Apr 202300:00	–	zdt
OSV	CVE-2021-21276	1 Feb 202115:15	–	osv
CVE	CVE-2021-21276	1 Feb 202115:15	–	cve
Exploit DB	POLR URL 2.3.0 - Shortener Admin Takeover	6 Apr 202300:00	–	exploitdb
RedhatCVE	CVE-2021-21276	22 May 202521:32	–	redhatcve
Packet Storm	POLR URL 2.3.0 Shortener Admin Takeover	6 Apr 202300:00	–	packetstorm
Prion	Code injection	1 Feb 202115:15	–	prion

Nvd

Node

polrproject polrRange<2.3.0

Source	Link
github	www.github.com/cydrobolt/polr/commit/b1981709908caf6069b4a29dad3b6739c322c675
github	www.github.com/cydrobolt/polr/security/advisories/GHSA-vg6w-8w9v-xxqc
packetstormsecurity	www.packetstormsecurity.com/files/171743/POLR-URL-2.3.0-Shortener-Admin-Takeover.html
github	www.github.com/cydrobolt/polr/releases/tag/2.3.0

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

01 Feb 2021 15:15Current

9.2High risk

Vulners AI Score9.2

CVSS26.4

CVSS39.3

EPSS0.16146

CWE-863