4 matches found
CVE-2012-4238
Cross-site scripting XSS vulnerability in admin/code/tceeditanswer.php in TCExam before 11.3.008 allows remote authenticated users with level 5 or greater permissions to inject arbitrary web script or HTML via the questionsubjectid parameter...
CVE-2012-4238
Cross-site scripting XSS vulnerability in admin/code/tceeditanswer.php in TCExam before 11.3.008 allows remote authenticated users with level 5 or greater permissions to inject arbitrary web script or HTML via the questionsubjectid parameter...
CVE-2012-4238
TCExam is affected by a Cross-Site Scripting (XSS) vulnerability CVE-2012-4238 in admin/code/tce_edit_answer.php. The issue occurs before version 11.3.008 and allows remote authenticated users with permission level 5 (administrator) or higher to inject arbitrary JavaScript/HTML via the question_s...
TCExam 11.3.007 Cross Site Scripting
/----------------------------------\ | TCExam Edit Cross-Site Scripting | ----------------------------------/ Summary ======= TCExam 11.3.007 is subject to a cross-site scripting vulnerability. A 'questionsubjectid' parameter is not sufficiently sanitised before being written to the...