CVE-2021-27885: CSRF
First published: Tue Mar 02 2021(Updated: )
usersettings.php in e107 through 2.3.0 lacks a certain e_TOKEN protection mechanism.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| E107 E107 | <=2.3.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this e107 vulnerability?
The vulnerability ID for this e107 vulnerability is CVE-2021-27885.
What is the severity of CVE-2021-27885?
CVE-2021-27885 has a severity score of 8.8 (High).
What is the affected software for CVE-2021-27885?
The affected software for CVE-2021-27885 is e107 version 2.3.0.
What is the description of CVE-2021-27885?
CVE-2021-27885 is a vulnerability in e107 where usersettings.php lacks a certain e_TOKEN protection mechanism.
How do I fix CVE-2021-27885?
To fix CVE-2021-27885, update e107 to a version that includes the fix, such as version 2.3.1 or later. Make sure to follow the official e107 release and security announcements for the latest updates.
- collector/nvd-api
- collector/nvd-index
- agent/author
- agent/weakness
- agent/severity
- agent/references
- agent/type
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/remedy
- agent/description
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/e107
- canonical/e107 e107
- version/e107 e107/2.3.0