Medium severity4.3NVD Advisory· Published Jul 19, 2021· Updated Jun 17, 2026
CVE-2021-35968
CVE-2021-35968
Description
The directory list page parameter of the Orca HCM digital learning platform fails to filter special characters properly. Remote attackers can access the system directory thru Path Traversal with users’ privileges.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Learningdigital.com, Inc./Orca HCMv5Range: unspecified
Patches
Vulnerability mechanics
References
2- www.twcert.org.tw/tw/cp-132-4928-7e87b-1.htmlnvdThird Party Advisory
- www.chtsecurity.com/news/ba7b3ae7-14f3-4970-b3f6-4d97d8c7ea25nvdNot Applicable
News mentions
0No linked articles in our index yet.