MidnightBSD

Advisories for tad_honor_project

CVE-2021-41564 MEDIUM

Tad Honor viewing book list function is vulnerable to authorization bypass, thus remote attackers can use special parameters to delete articles arbitrarily without logging in.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
twcert@cert.org.tw 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 3.9 1.4
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L 3.9 2.5

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-285,NVD-CWE-Other,

Products Affected

Vendor Product Version
tad_honor_project tad_honor *