elgg is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSS Score
9.0
EPSS Score
0.003
Published
2021-12-24
elgg is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor
CVSS Score
5.3
EPSS Score
0.006
Published
2021-12-03
elgg is vulnerable to Authorization Bypass Through User-Controlled Key
CVSS Score
4.3
EPSS Score
0.002
Published
2021-12-01
Elgg before 1.12.18 and 2.3.x before 2.3.11 has an open redirect.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-04-08