2 matches found
CVE-2021-20111
A stored cross-site scripting vulnerability exists in TCExam = 14.8.1. Valid files uploaded via tcefilemanager.php with a filename beggining with a period will be rendered as text/html. An attacker with access to tcefilemanager.php could upload a malicious javascript payload which would be...
CVE-2021-20111
CVE-2021-20111 concerns a stored cross-site scripting vulnerability in TCExam