Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo

Social Networking

Elgg

Elgg empowers individuals groups and institutions to create their own fully-featured social environment. Elgg started in 2004 is an open source social engine which powers all kinds of social environments - from education and business to martial arts and rugby. If you are looking for a professional social intranet or want to run a site for your organisation Elgg is a great choice.

Official Site:

https://elgg.org/

Severity Summary:

Critical: 1 High: 1 Medium: 9
Reference
Title
Severity
CVE-2011-2936
Elgg Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Critical
CVE-2021-3980
Elgg Exposure of Private Personal Information to an Unauthorized Actor Vulnerability
High
CVE-2019-11016
Elgg URL Redirection to Untrusted Site (Open Redirect) Vulnerability
Medium
CVE-2011-2935
Elgg Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2013-0234
Elgg Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2012-6563
Elgg Permissions Privileges and Access Controls Vulnerability
Medium
CVE-2012-6562
Elgg Permissions Privileges and Access Controls Vulnerability
Medium
CVE-2012-6561
Elgg Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2011-3733
Elgg Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2021-3964
Elgg Authorization Bypass Through User-Controlled Key Vulnerability
Medium
CVE-2021-4072
Elgg Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium