CVE-2021-41974
9.1 CRITICALTad Book3 editing book page does not perform identity verification
Published: 2021-10-08 · Last updated: 2026-06-17
Severity and scoring
- CVSS
- 9.1 CRITICAL
- Vector
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
- CWE
- CWE-285, CWE-306
Affected products
| Vendor | Product |
|---|---|
| tad_book3_project | tad_book3 |
Description
Tad Book3 editing book page does not perform identity verification. Remote attackers can use the vulnerability to view and modify arbitrary content of books without permission.
Source: NVD
References
Related CVEs
Same vendor
- CVE-2021-41563 — Tad Book3 editing book function does not filter special characters (6.1 MEDIUM)
Same CWE
- CVE-2026-0647 — An improper authentication security issue exists within the 1794-AENTR adapter's embedded web server
- CVE-2018-25437 — WordPress CherryFramework Themes 3.1.4 contains an information disclosure vulnerability that allows unauthenticated attackers to download... (7.5 HIGH)
- CVE-2026-12213 — A vulnerability was found in hcengineering Huly Platform up to 0.7.0 (4.3 MEDIUM)
- CVE-2026-12204 — A vulnerability was determined in ShopXO up to 6.7.1 (7.3 HIGH)
- CVE-2026-12190 — A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android (5.3 MEDIUM)