CVE-2021-3980: Exposure of Private Personal Information to an Unauthorized Actor

December 3, 2021 (updated December 6, 2021)

elgg is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor

References

github.com/elgg/elgg/commit/572d210e2392f1fdf47ff2f38665372a6535c126
huntr.dev/bounties/1f43f11e-4bd8-451f-a244-dc9541cdc0ac
nvd.nist.gov/vuln/detail/CVE-2021-3980

Detect and mitigate CVE-2021-3980 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →