PT-2021-21084 · Orca Hcm · Orca Hcm

Jia-Rong Chen · Published 2021-07-19 · Updated 2022-10-27 · CVE-2021-35964

CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Orca HCM digital learning platform (affected versions not specified)
Description: The management page of the Orca HCM digital learning platform does not perform identity verification, allowing remote attackers to execute management functions without logging in. Attackers can thereby access members' information and modify and delete courses in the system, which prevents users from accessing the learning content.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration: Improper Authentication, Improper Authorization

Related Identifiers: CVE-2021-35964

Affected Products: Orca Hcm