High severityNVD Advisory· Published Dec 3, 2021· Updated Aug 3, 2024
Exposure of Private Personal Information to an Unauthorized Actor in elgg/elgg
CVE-2021-3980
Description
elgg is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
elgg/elggPackagist | < 3.3.23 | 3.3.23 |
elgg/elggPackagist | >= 4.0.0, < 4.0.5 | 4.0.5 |
Affected products
2Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-hx6g-q9v2-xh7vghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-3980ghsaADVISORY
- github.com/Elgg/Elgg/pull/13791ghsaWEB
- github.com/elgg/elgg/commit/572d210e2392f1fdf47ff2f38665372a6535c126ghsax_refsource_MISCWEB
- huntr.dev/bounties/1f43f11e-4bd8-451f-a244-dc9541cdc0acghsax_refsource_CONFIRMWEB
News mentions
0No linked articles in our index yet.