CVE-2011-2935: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
(updated )
Elgg through 1.7.10 has XSS
References
- yehg.net/lab/pr0js/advisories/[elgg_1710]_xss_sqlin
- github.com/Elgg/Elgg/commit/2843b4f846874d434a2403ac1f27e41035b45e04
- github.com/Elgg/Elgg/issues/3544
- github.com/advisories/GHSA-mcfm-j5g6-w26f
- nvd.nist.gov/vuln/detail/CVE-2011-2935
- oss-security.openwall.narkive.com/1UH3NYx8/cve-request-elgg-1-7-10-multiple-vulnerabilities
- security-tracker.debian.org/tracker/CVE-2011-2935
- web.archive.org/web/20110907122607/http://blog.elgg.org/pg/blog/brett/read/189/elgg-1711-released
Code Behaviors & Features
Detect and mitigate CVE-2011-2935 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →