2 matches found
CVE-2021-41567
The CVE-2021-41567 entry describes stored XSS in Tad Uploader’s view book list function, caused by insufficient filtering of the add subject parameter. Unauthenticated attackers can remotely inject JavaScript and execute client-side code. This vulnerability is corroborated by multiple connected r...
CVE-2021-41567
The new add subject parameter of Tad Uploader view book list function fails to filter special characters. Unauthenticated attackers can remotely inject JavaScript syntax and execute stored XSS attacks...