CVE-2021-47754
Published
CVSS v3
6.5
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT
Description
Arunna 1.0.0 contains a cross-site request forgery vulnerability that allows attackers to manipulate user profile settings without authentication. Attackers can craft a malicious form to change user details, including passwords, email, and administrative privileges by tricking authenticated users into submitting the form.
Arunna is a solution that creates a place where social media, networking and community collaborate. You and your customers can have the option to connect and share content online. Our platform gives the opportunity for both hosted community and white label self hosted sites to take the advantage to express themselves. With arunna, small organization to large enterprises can build brand awareness, engage their community and much more. That's what we call connecting the clouds...
GitHub