{"id":"CVE-2021-32752","details":"Ether Logs is a package that allows one to check one's logs in the Craft 3 utilities section. A vulnerability was found in versions prior to 3.0.4 that allowed authenticated admin users to access any file on the server. The vulnerability has been fixed in version 3.0.4. As a workaround, one may disable the plugin if untrustworthy sources have admin access.","aliases":["GHSA-fp63-499m-hq6m"],"modified":"2026-03-13T22:15:03.193896Z","published":"2021-07-09T14:15:08.070Z","related":["GHSA-fp63-499m-hq6m"],"references":[{"type":"ADVISORY","url":"https://github.com/ethercreative/logs/releases/tag/3.0.4"},{"type":"ADVISORY","url":"https://github.com/ethercreative/logs/security/advisories/GHSA-fp63-499m-hq6m"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/ethercreative/logs","events":[{"introduced":"0"},{"fixed":"f1bae26f356d7f36a5d12febd39bda1d421fffd0"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"3.0.4"}]}}],"versions":["3.0.1","3.0.2","3.0.3","v3.0.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-32752.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"}]}