Medium severity5.3NVD Advisory· Published Jul 19, 2021· Updated Jun 17, 2026
CVE-2021-35967
CVE-2021-35967
Description
The directory page parameter of the Orca HCM digital learning platform does not filter special characters. Remote attackers can access the system directory thru Path Traversal without logging in.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Learningdigital.com, Inc./Orca HCMv5Range: unspecified
Patches
Vulnerability mechanics
References
2- www.twcert.org.tw/tw/cp-132-4927-bbf01-1.htmlnvdThird Party Advisory
- www.chtsecurity.com/news/ba7b3ae7-14f3-4970-b3f6-4d97d8c7ea25nvdNot Applicable
News mentions
0No linked articles in our index yet.