| TVN ID | TVN-202107007 |
|---|---|
| CVE ID | CVE-2021-35966 |
| CVSS | 6.1 (Medium) CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
| Affected Products | Learningdigital.com, Inc. Orca HCM version 10.0 |
| Description | The specific function of the Orca HCM digital learning platform does not filter input parameters properly, which causing the URL can be redirected to any website. Remote attackers can use the vulnerability to execute phishing attacks. |
| Solution | Update Orca HCM to version 10.9 |
| Credit | Jia-Rong Chen |
| Public Date | 2021-07-19 |
:::