CVE-2012-4238
Cross-site scripting XSS vulnerability in admin/code/tceeditanswer.php in TCExam before 11.3.008 allows remote authenticated users with level 5 or greater permissions to inject arbitrary web script or HTML via the questionsubjectid parameter...