CVE-2020-5746

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2020-5746

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-5746.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2020-5746

Published

2020-05-07T17:15:12.073Z

Modified

2025-11-14T11:08:17.902207Z

Severity

5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated attacker to conduct persistent cross-site scripting (XSS) attacks by creating a crafted test.

References

https://www.tenable.com/security/research/tra-2020-31

Affected packages

Git / github.com/tecnickcom/tcexam

Affected ranges

Type: GIT
Repo: https://github.com/tecnickcom/tcexam
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

a84d81617b45538a32a46d7ef456a01f4e21e2fa

Affected versions

12.*

12.0.013

12.0.014

12.1.000

12.1.001

12.1.002

12.1.003

12.1.004

12.1.005

12.1.006

12.1.007

12.1.008

12.1.009

12.1.010

12.1.011

12.1.012

12.1.013

12.1.014

12.1.015

12.1.016

12.1.017

12.1.018

12.1.019

12.1.020

12.1.021

12.1.022

12.1.023

12.1.024

12.1.025

12.1.026

12.1.027

12.1.28

12.1.29

12.1.30

12.2.0

12.2.1

12.2.2

12.2.3

12.2.4

12.2.5

13.*

13.0.1

13.0.2

13.1.1

13.2.0

13.2.1

13.3.0

14.*

14.0.0

14.0.1

14.0.2

14.0.3

14.1.0

14.1.10

14.1.11

14.1.12

14.1.13

14.1.14

14.1.15

14.1.2

14.1.3

14.1.4

14.1.5

14.1.6

14.1.7

14.1.8

14.1.9

14.2.1

14.2.2

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-5746.json"