Unfiltered Special Characters in Tad Book3 Editing Function Enable Remote XSS Attacks
CVE-2021-41563 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Tad Book3 editing book function does not filter special characters. Unauthenticated attackers can remotely inject JavaScript syntax and execute stored XSS attacks.
Learn more about our Web Application Penetration Testing UK.