Description
TCExam before 14.1.2 has XSS via an ff_ or xl_ field.
Remediation
References
Related Vulnerabilities
Jenkins Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-2068)
WordPress Plugin Klaviyo Cross-Site Scripting (3.0.7)
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2015-4852)
MySQL CVE-2022-21427 Vulnerability (CVE-2022-21427)
WordPress Plugin Swiss Toolkit For WP Security Bypass (1.0.7)