CVE-2021-47721 | orangescrum 1.8.0 Session Cookie authorization (Exploit 50551 / EDB-50551)

December 23, 2025 Yanac

A vulnerability was found in orangescrum 1.8.0. It has been declared as critical. The affected element is an unknown function of the component Session Cookie Handler. Executing manipulation can lead to authorization bypass.

This vulnerability is tracked as CVE-2021-47721. The attack can be launched remotely. Moreover, an exploit is present.VulDB Recent EntriesRead More

CVE-2021-47720 | orangescrum 1.8.0 old_project_id/project_id/uuid/uniqid sql injection (Exploit 50553 / EDB-50553)
CVE-2021-47734 | CMSimple 5.4 filename control (Exploit 50547 / EDB-50547)