Description
Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated attacker to conduct persistent cross-site scripting (XSS) attacks by creating a crafted test.
Remediation
References
Related Vulnerabilities
WordPress Plugin Garee's Flickr Feed Multiple Cross-Site Scripting Vulnerabilities (0.8)
TYPO3 Improper Input Validation Vulnerability (CVE-2020-15099)
WordPress Possible SQL Injection Vulnerability (0.70 - 3.6.1)
WordPress 4.0.x Possible SQL Injection Vulnerability (4.0 - 4.0.19)
WordPress Plugin Clockwork SMS Notfications Cross-Site Scripting (2.0.3)