Vulnerabilities (CVE)

Filtered by vendor Huaju Subscribe

Filtered by product Easytest Online Learning Test Platform

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-42336	1 Huaju	1 Easytest Online Learning Test Platform	2021-10-20	4.0 MEDIUM	4.3 MEDIUM
The learning history page of the Easytest is vulnerable by permission bypass. After obtaining a user’s permission, remote attackers can access other users’ and administrator’s account information except password by crafting URL parameters.
CVE-2021-42335	1 Huaju	1 Easytest Online Learning Test Platform	2021-10-20	3.5 LOW	5.4 MEDIUM
Easytest bulletin board management function of online learning platform does not filter special characters. After obtaining a user’s privilege, remote attackers can inject JavaScript and execute stored XSS attack.