Vulnerabilities > Elgg > Elgg > 3.3.9

DATE CVE VULNERABILITY TITLE RISK
2021-12-24 CVE-2021-4072 Cross-site Scripting vulnerability in Elgg
elgg is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
network
elgg CWE-79
3.5
3.5
2021-12-03 CVE-2021-3980 Privacy Violation vulnerability in Elgg
elgg is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor
network
low complexity
elgg CWE-359
5.0
5.0
2021-12-01 CVE-2021-3964 Authorization Bypass Through User-Controlled Key vulnerability in Elgg
elgg is vulnerable to Authorization Bypass Through User-Controlled Key
network
elgg CWE-639
4.3
4.3