CVE-2020-5747

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2020-5747
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-5747.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-5747
Published
2020-05-07T17:15:12Z
Modified
2024-09-03T03:32:00.506179Z
Severity
  • 5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated attacker to conduct persistent cross-site scripting (XSS) attacks by creating a crafted test.

References

Affected packages

Git / github.com/tecnickcom/tcexam

Affected ranges

Type
GIT
Repo
https://github.com/tecnickcom/tcexam
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected

Affected versions

12.*

12.0.013
12.0.014
12.1.000
12.1.001
12.1.002
12.1.003
12.1.004
12.1.005
12.1.006
12.1.007
12.1.008
12.1.009
12.1.010
12.1.011
12.1.012
12.1.013
12.1.014
12.1.015
12.1.016
12.1.017
12.1.018
12.1.019
12.1.020
12.1.021
12.1.022
12.1.023
12.1.024
12.1.025
12.1.026
12.1.027
12.1.28
12.1.29
12.1.30
12.2.0
12.2.1
12.2.2
12.2.3
12.2.4
12.2.5

13.*

13.0.1
13.0.2
13.1.1
13.2.0
13.2.1
13.3.0

14.*

14.0.0
14.0.1
14.0.2
14.0.3
14.1.0
14.1.10
14.1.11
14.1.12
14.1.13
14.1.14
14.1.15
14.1.2
14.1.3
14.1.4
14.1.5
14.1.6
14.1.7
14.1.8
14.1.9
14.2.1
14.2.2