CVE-2021-37759: Inclusion of Sensitive Information in Log Files

Severity: Critical

CVSS Score: 9.8

A Session ID leak in the DEBUG log file in Graylog before 4.1.2 allows attackers to escalate privileges (to the access level of the leaked session ID).