CVE-2021-35966

Summary

The specific function of the Orca HCM digital learning platform does not filter input parameters properly, which causing the URL can be redirected to any website. Remote attackers can use the vulnerability to execute phishing attacks.

Affected Software

VendorProductVersion RangeStatus
Learningdigital.com, Inc.Orca HCMunspecified <= 10.0affected

Weaknesses

  • CWE-601: CWE-601 URL Redirection to Untrusted Site ('Open Redirect')

ADP Enrichment

CVE Program Container

Additional References

References