RSS   Podatności dla 'Tad book3'   RSS

2021-10-08
 
CVE-2021-41563

CWE-79
 
 
Tad Book3 editing book function does not filter special characters. Unauthenticated attackers can remotely inject JavaScript syntax and execute stored XSS attacks.

 
 
CVE-2021-41974

CWE-732
 
 
Tad Book3 editing book page does not perform identity verification. Remote attackers can use the vulnerability to view and modify arbitrary content of books without permission.

 

Copyright 2024, cxsecurity.com

 

Back to Top