Vulnerabilities > Elgg > Elgg > 1.11.1

DATE CVE VULNERABILITY TITLE RISK
2021-12-24 CVE-2021-4072 Cross-site Scripting vulnerability in Elgg
elgg is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
network
elgg CWE-79
3.5
3.5
2021-12-03 CVE-2021-3980 Privacy Violation vulnerability in Elgg
elgg is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor
network
low complexity
elgg CWE-359
5.0
5.0
2021-12-01 CVE-2021-3964 Authorization Bypass Through User-Controlled Key vulnerability in Elgg
elgg is vulnerable to Authorization Bypass Through User-Controlled Key
network
elgg CWE-639
4.3
4.3
2019-04-08 CVE-2019-11016 Open Redirect vulnerability in Elgg
Elgg before 1.12.18 and 2.3.x before 2.3.11 has an open redirect.
network
elgg CWE-601
5.8
5.8