Lucene search
K

16 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 4:43 p.m.10 views

CVE-2020-5750

Insufficient output sanitization in TCExam 14.2.2 allows a remote, unauthenticated attacker to conduct persistent cross-site scripting XSS attacks via the self-registration feature...

6.1CVSS5.9AI score0.01141EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:39 p.m.6 views

CVE-2020-5746

Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated attacker to conduct persistent cross-site scripting XSS attacks by creating a crafted test...

5.4CVSS5.6AI score0.00666EPSS
Exploits1References1
NVD
NVD
added 2020/05/07 5:15 p.m.17 views

CVE-2020-5749

Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated attacker to conduct persistent cross-site scripting XSS attacks by creating a crafted group...

5.4CVSS5.1AI score0.00666EPSS
Exploits1References1
NVD
NVD
added 2020/05/07 5:15 p.m.13 views

CVE-2020-5746

Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated attacker to conduct persistent cross-site scripting XSS attacks by creating a crafted test...

5.4CVSS5.1AI score0.00666EPSS
Exploits1References1
NVD
NVD
added 2020/05/07 5:15 p.m.16 views

CVE-2020-5748

Insufficient output sanitization in TCExam 14.2.2 allows a remote, unauthenticated attacker to conduct persistent cross-site scripting XSS attacks via the self-registration feature...

6.1CVSS6AI score0.01132EPSS
Exploits1References1
OSV
OSV
added 2020/05/07 5:15 p.m.12 views

CVE-2020-5750

Insufficient output sanitization in TCExam 14.2.2 allows a remote, unauthenticated attacker to conduct persistent cross-site scripting XSS attacks via the self-registration feature...

6.1CVSS5.9AI score
Exploits0References1
OSV
OSV
added 2020/05/07 5:15 p.m.18 views

CVE-2020-5745

Cross-site request forgery in TCExam 14.2.2 allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link...

7.4CVSS6.8AI score
Exploits0References1
NVD
NVD
added 2020/05/07 5:15 p.m.17 views

CVE-2020-5743

Improper Control of Resource Identifiers in TCExam 14.2.2 allows a remote, authenticated attacker to access test metadata for which they don't have permission...

4.3CVSS4.5AI score0.00821EPSS
Exploits1References1
Prion
Prion
added 2020/05/07 5:15 p.m.12 views

Cross site scripting

Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated attacker to conduct persistent cross-site scripting XSS attacks by creating a crafted test...

3.5CVSS5.1AI score0.00666EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/05/07 5:15 p.m.14 views

Cross site scripting

Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated attacker to conduct persistent cross-site scripting XSS attacks by creating a crafted operator...

3.5CVSS5.1AI score0.00666EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/05/07 5:15 p.m.15 views

Cross site scripting

Cross-site request forgery in TCExam 14.2.2 allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link...

4.3CVSS7.3AI score0.00827EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/05/07 5:15 p.m.13 views

Improper access control

Improper Control of Resource Identifiers in TCExam 14.2.2 allows a remote, authenticated attacker to access test metadata for which they don't have permission...

4CVSS4.6AI score0.00821EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/05/07 4:12 p.m.18 views

CVE-2020-5748

Insufficient output sanitization in TCExam 14.2.2 allows a remote, unauthenticated attacker to conduct persistent cross-site scripting XSS attacks via the self-registration feature...

6AI score0.01132EPSS
Exploits1References1
CVE
CVE
added 2020/05/07 4:10 p.m.54 views

CVE-2020-5745

CVE-2020-5745 : TCExam 14.2.2 is affected by a Cross-Site Request Forgery (CSRF) vulnerability. A remote attacker can induce a user to perform sensitive actions by tricking them into clicking a crafted link. The NVD CVSS data shows a base score of 7.4 (AV:N/AC:L/PR:N/UI:R/S:C/I:H/A:N) and 4.3 (CV...

7.4CVSS7.3AI score0.00827EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/05/07 4:8 p.m.13 views

CVE-2020-5746

Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated attacker to conduct persistent cross-site scripting XSS attacks by creating a crafted test...

5.1AI score0.00666EPSS
Exploits1References1
CVE
CVE
added 2020/05/07 4:5 p.m.39 views

CVE-2020-5743

This entry documents CVE-2020-5743 affecting TCExam 14.2.2. The vulnerability is described as improper access control (improper control of resource identifiers) that lets a remote, authenticated attacker access test metadata they should not be able to view. The connected records consistently iden...

4.3CVSS4.5AI score0.00821EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder