CVE-2018-13422

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2018-13422
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-13422.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2018-13422
Published
2018-07-07T17:29:00.510Z
Modified
2026-03-14T09:27:41.943626Z
Severity
  • 6.1 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

TCExam before 14.1.2 has XSS via an ff_ or xl_ field.

References

Affected packages

Git / github.com/tecnickcom/tcexam

Affected ranges

Type
GIT
Repo
https://github.com/tecnickcom/tcexam
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
a4089f4197313179bbb174d604186a11fe25e0e6
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "14.1.2"
        }
    ]
}

Affected versions

12.*
12.0.013
12.0.014
12.1.000
12.1.001
12.1.002
12.1.003
12.1.004
12.1.005
12.1.006
12.1.007
12.1.008
12.1.009
12.1.010
12.1.011
12.1.012
12.1.013
12.1.014
12.1.015
12.1.016
12.1.017
12.1.018
12.1.019
12.1.020
12.1.021
12.1.022
12.1.023
12.1.024
12.1.025
12.1.026
12.1.027
12.1.28
12.1.29
12.1.30
12.2.0
12.2.1
12.2.2
12.2.3
12.2.4
12.2.5
13.*
13.0.1
13.0.2
13.1.1
13.2.0
13.2.1
13.3.0
14.*
14.0.0
14.0.1
14.0.2
14.0.3
14.1.0

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-13422.json"