CVE-2021-39200 - log back

CVE-2021-39200 edited at 10 Sep 2021 08:42:01
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Type
- Unknown
+ Information disclosure
Description
+ In WordPress before version 5.8.1, output data of the function wp_die() can be leaked under certain conditions, which can include data like nonces. It can then be used to perform actions on your behalf.
References
+ https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-m9hc-7v5q-x8q5
+ https://hackerone.com/reports/1142140
Notes
CVE-2021-39200 created at 10 Sep 2021 08:39:17