CVE-2020-5750

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2020-5750

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-5750.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2020-5750

Published

2020-05-07T17:15:12.277Z

Modified

2026-03-13T00:43:00.466662Z

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

Insufficient output sanitization in TCExam 14.2.2 allows a remote, unauthenticated attacker to conduct persistent cross-site scripting (XSS) attacks via the self-registration feature.

References

https://www.tenable.com/security/research/tra-2020-31

Affected packages

Git / github.com/tecnickcom/tcexam

Affected ranges

Type

GIT

Repo

https://github.com/tecnickcom/tcexam

Events

Introduced

Last affected

a84d81617b45538a32a46d7ef456a01f4e21e2fa

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "14.2.2"
        }
    ]
}

Affected versions

12.*

12.0.013

12.0.014

12.1.000

12.1.001

12.1.002

12.1.003

12.1.004

12.1.005

12.1.006

12.1.007

12.1.008

12.1.009

12.1.010

12.1.011

12.1.012

12.1.013

12.1.014

12.1.015

12.1.016

12.1.017

12.1.018

12.1.019

12.1.020

12.1.021

12.1.022

12.1.023

12.1.024

12.1.025

12.1.026

12.1.027

12.1.28

12.1.29

12.1.30

12.2.0

12.2.1

12.2.2

12.2.3

12.2.4

12.2.5

13.*

13.0.1

13.0.2

13.1.1

13.2.0

13.2.1

13.3.0

14.*

14.0.0

14.0.1

14.0.2

14.0.3

14.1.0

14.1.10

14.1.11

14.1.12

14.1.13

14.1.14

14.1.15

14.1.2

14.1.3

14.1.4

14.1.5

14.1.6

14.1.7

14.1.8

14.1.9

14.2.1

14.2.2

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-5750.json"