Unauthenticated Remote Access and Modification of Book Content

Unauthenticated Remote Access and Modification of Book Content

CVE-2021-41974 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Tad Book3 editing book page does not perform identity verification. Remote attackers can use the vulnerability to view and modify arbitrary content of books without permission.

Learn more about our Web Application Penetration Testing UK.