Description

Improper Control of Resource Identifiers in TCExam 14.2.2 allows a remote, authenticated attacker to access test metadata for which they don't have permission.

Remediation

References

CVE-2020-5743

Related Vulnerabilities

Oracle Application Server CVE-2008-0344 Vulnerability (CVE-2008-0344)

WordPress Plugin jcwp youtube channel embed Cross-Site Scripting (1.5.2)

IBM RTC Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-29701)

WordPress Plugin Login With Ajax Cross-Site Scripting (3.1.6)

WordPress Plugin Jigoshop-Store Toolkit Privilege Escalation (1.3.8)

Severity

Medium

Classification

CVE-2020-5743 CWE-200 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities