Unrated severityNVD Advisory· Published Jul 19, 2021· Updated Sep 16, 2024

Learningdigital.com, Inc. Orca HCM - URL Redirection to Untrusted Site ('Open Redirect')

CVE-2021-35966

Description

The specific function of the Orca HCM digital learning platform does not filter input parameters properly, which causing the URL can be redirected to any website. Remote attackers can use the vulnerability to execute phishing attacks.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Orca HCM/Orca HCM digital learning platformllm-create
Learningdigital.com, Inc./Orca HCMv5
Range: unspecified

Patches

Vulnerability mechanics

References

www.chtsecurity.com/news/ba7b3ae7-14f3-4970-b3f6-4d97d8c7ea25mitrex_refsource_MISC
www.twcert.org.tw/tw/cp-132-4926-dc06b-1.htmlmitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000