CVEs (2)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Tad Book3 Project 1Tad Book3 Nov 21, 2024 Oct 8, 2021 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 Tad Book3 editing book page does not perform identity verification. Remote attackers can use the vulnerability to view and modify arbitrary content of books without permission. |
1Tad Book3 Project 1Tad Book3 Nov 21, 2024 Oct 8, 2021 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Tad Book3 editing book function does not filter special characters. Unauthenticated attackers can remotely inject JavaScript syntax and execute stored XSS attacks. |