VYPR
High severity7.3NVD Advisory· Published Jul 19, 2021· Updated Jun 17, 2026

CVE-2021-35964

CVE-2021-35964

Description

The management page of the Orca HCM digital learning platform does not perform identity verification, which allows remote attackers to execute the management function without logging in, access members’ information, modify and delete the courses in system, thus causing users fail to access the learning content.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Orca HCM/Orca HCMllm-create
  • Learningdigital.com, Inc./Orca HCMv5
    Range: unspecified

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.