2021-10-08 15:15:32
twcert
PUBLISHED
Tad Book3 editing book function does not filter special characters. Unauthenticated attackers can remotely inject JavaScript syntax and execute stored XSS attacks.