Vulnerabilities (CVE)

Filtered by vendor Tad Book3 Project Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-41563 1 Tad Book3 Project 1 Tad Book3 2024-02-28 4.3 MEDIUM 6.1 MEDIUM
Tad Book3 editing book function does not filter special characters. Unauthenticated attackers can remotely inject JavaScript syntax and execute stored XSS attacks.
CVE-2021-41974 1 Tad Book3 Project 1 Tad Book3 2024-02-28 6.4 MEDIUM 9.1 CRITICAL
Tad Book3 editing book page does not perform identity verification. Remote attackers can use the vulnerability to view and modify arbitrary content of books without permission.