CVE-2020-5745

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2020-5745

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-5745.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2020-5745

Published

2020-05-07T17:15:12.027Z

Modified

2025-11-20T11:27:57.278072Z

Severity

7.4 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N CVSS Calculator

Summary

[none]

Details

Cross-site request forgery in TCExam 14.2.2 allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link.

References

https://www.tenable.com/security/research/tra-2020-31

Affected packages

Git / github.com/tecnickcom/tcexam

Affected ranges

Type: GIT
Repo: https://github.com/tecnickcom/tcexam
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

a84d81617b45538a32a46d7ef456a01f4e21e2fa

Affected versions

12.*

12.0.013

12.0.014

12.1.000

12.1.001

12.1.002

12.1.003

12.1.004

12.1.005

12.1.006

12.1.007

12.1.008

12.1.009

12.1.010

12.1.011

12.1.012

12.1.013

12.1.014

12.1.015

12.1.016

12.1.017

12.1.018

12.1.019

12.1.020

12.1.021

12.1.022

12.1.023

12.1.024

12.1.025

12.1.026

12.1.027

12.1.28

12.1.29

12.1.30

12.2.0

12.2.1

12.2.2

12.2.3

12.2.4

12.2.5

13.*

13.0.1

13.0.2

13.1.1

13.2.0

13.2.1

13.3.0

14.*

14.0.0

14.0.1

14.0.2

14.0.3

14.1.0

14.1.10

14.1.11

14.1.12

14.1.13

14.1.14

14.1.15

14.1.2

14.1.3

14.1.4

14.1.5

14.1.6

14.1.7

14.1.8

14.1.9

14.2.1

14.2.2

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-5745.json"