PT-2021-23336 · Tad Book3 · Tad Book3

Hsuan

Published

2021-10-08

Updated

2021-10-15

CVE-2021-41563

CVSS v3.1

6.1

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Tad Book3 (affected versions not specified)

Description The editing book function in Tad Book3 does not filter special characters, allowing unauthenticated attackers to remotely inject JavaScript syntax and execute stored XSS attacks.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2021-41563

Affected Products

Tad Book3

PT-2021-23336 · Tad Book3 · Tad Book3

CVE-2021-41563

Weakness Enumeration

Related Identifiers

Affected Products

References · 4