Download
| Alert*
engine/lib/access.php in Elgg before 1.8.5 does not properly clear cached access lists during plugin boot, which allows remote attackers to read private entities via unspecified vectors. CVSS Score and Metrics +CVSS Score and Metrics -
|