Skip to main content

Xinhe Teaching Platform System

4 CVEs product

Monthly

CVE-2021-42332 MEDIUM This Month

The “List View” function of ShinHer StudyOnline System is not under authority control. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Xinhe Teaching Platform System
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2021-42331 MEDIUM This Month

The “Study Edit” function of ShinHer StudyOnline System does not perform permission control. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Xinhe Teaching Platform System
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-42330 HIGH This Week

The “Teacher Edit” function of ShinHer StudyOnline System does not perform authority control. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Xinhe Teaching Platform System
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2021-42329 MEDIUM This Month

The “List_Add” function of message board of ShinHer StudyOnline System does not filter special characters in the title parameter. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Xinhe Teaching Platform System
NVD
CVSS 3.1
5.4
EPSS
0.6%
EPSS 1% CVSS 4.3
MEDIUM This Month

The “List View” function of ShinHer StudyOnline System is not under authority control. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Xinhe Teaching Platform System
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

The “Study Edit” function of ShinHer StudyOnline System does not perform permission control. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Xinhe Teaching Platform System
NVD
EPSS 1% CVSS 8.8
HIGH This Week

The “Teacher Edit” function of ShinHer StudyOnline System does not perform authority control. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Xinhe Teaching Platform System
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

The “List_Add” function of message board of ShinHer StudyOnline System does not filter special characters in the title parameter. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Xinhe Teaching Platform System
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy