CVE-2020-5749
- Source
- https://cve.org/CVERecord?id=CVE-2020-5749
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-5749.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2020-5749
- Published
- 2020-05-07T17:15:12.230Z
- Modified
- 2026-02-05T06:27:14.718559Z
- Severity
-
- 5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated attacker to conduct persistent cross-site scripting (XSS) attacks by creating a crafted group.
- References
Affected packages
Git / github.com/tecnickcom/tcexam
Affected ranges
- Type
- GIT
- Repo
- https://github.com/tecnickcom/tcexam
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected
Affected versions
12.*
12.0.013
12.0.014
12.1.000
12.1.001
12.1.002
12.1.003
12.1.004
12.1.005
12.1.006
12.1.007
12.1.008
12.1.009
12.1.010
12.1.011
12.1.012
12.1.013
12.1.014
12.1.015
12.1.016
12.1.017
12.1.018
12.1.019
12.1.020
12.1.021
12.1.022
12.1.023
12.1.024
12.1.025
12.1.026
12.1.027
12.1.28
12.1.29
12.1.30
12.2.0
12.2.1
12.2.2
12.2.3
12.2.4
12.2.5
13.*
13.0.1
13.0.2
13.1.1
13.2.0
13.2.1
13.3.0
14.*
14.0.0
14.0.1
14.0.2
14.0.3
14.1.0
14.1.10
14.1.11
14.1.12
14.1.13
14.1.14
14.1.15
14.1.2
14.1.3
14.1.4
14.1.5
14.1.6
14.1.7
14.1.8
14.1.9
14.2.1
14.2.2