VYPR
Medium severity4.3NVD Advisory· Published Jul 19, 2021· Updated Jun 17, 2026

CVE-2021-35968

CVE-2021-35968

Description

The directory list page parameter of the Orca HCM digital learning platform fails to filter special characters properly. Remote attackers can access the system directory thru Path Traversal with users’ privileges.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Epicor/HCMllm-fuzzy
  • Learningdigital.com, Inc./Orca HCMv5
    Range: unspecified

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.