12 matches found
EUVD-2021-28579
Malicious code in bioql PyPI...
Tad Book3 Cross-Site Scripting Vulnerability
Tad Book3 is an XOOPS module by the individual developer of Tad in Taiwan, China, which can be used to write books, handouts, and as a notepad. Tad Book3 suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of client-side data by the WEB application. An...
Tad Book3 Authorization Issues Vulnerabilities
Tad Book3 is an XOOPS module by the individual developer of Tad in Taiwan, China, which can be used to write books, handouts, and as a notepad. Tad Book3 suffers from an authorization issue vulnerability that stems from the Tad Book3 Edit Book page not performing authentication. An attacker can u...
CVE-2021-41563
Tad Book3 editing book function does not filter special characters. Unauthenticated attackers can remotely inject JavaScript syntax and execute stored XSS attacks...
CVE-2021-41563
Tad Book3 editing book function does not filter special characters. Unauthenticated attackers can remotely inject JavaScript syntax and execute stored XSS attacks...
Cross site scripting
Tad Book3 editing book function does not filter special characters. Unauthenticated attackers can remotely inject JavaScript syntax and execute stored XSS attacks...
CVE-2021-41974
Summary: CVE-2021-41974 affects Tad Book3 (an XOOPS module) where the Edit Book page does not perform authentication. This improper authorization allows remote attackers to view and modify arbitrary book content without permission. What’s affected: Tad Book3’s editing functionality on the book pa...
CVE-2021-41974 Tad Book3 - Improper Authorization
Tad Book3 editing book page does not perform identity verification. Remote attackers can use the vulnerability to view and modify arbitrary content of books without permission...
CVE-2021-41563
CVE-2021-41563 affects Tad Book3 (an XOOPS module) where the editing book function fails to filter special characters, enabling unauthenticated attackers to inject JavaScript and perform stored XSS. The vulnerability is caused by insufficient input validation on client-side data, allowing scripts...
CVE-2021-41563 Tad Book3 - Stored XSS
Tad Book3 editing book function does not filter special characters. Unauthenticated attackers can remotely inject JavaScript syntax and execute stored XSS attacks...
Tad Book3 Access Control Error Vulnerability
Tad Book3 is an XOOPS module by the individual developer of Tad in Taiwan, China, which can be used to write books, handouts, and as a notepad. Tad Book3 suffers from an authorization issue vulnerability that stems from the Tad Book3 Edit Book page not performing authentication. An attacker can u...
Tad Book3 Cross-Site Scripting Vulnerability
Tad Book3 is an XOOPS module by the individual developer of Tad in Taiwan, China, which can be used to write books, handouts, and as a notepad. Tad Book3 suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of client-side data by the WEB application. An...