Description
Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated attacker to conduct persistent cross-site scripting (XSS) attacks by creating a crafted operator.
Remediation
References
Related Vulnerabilities
Drupal Core 5.x Cross-Site Scripting (5.0 - 5.5)
Grafana Insufficiently Protected Credentials Vulnerability (CVE-2022-31130)
OpenVPN AS Divide By Zero Vulnerability (CVE-2023-46849)
WordPress Plugin Attachment Manager Arbitrary File Upload (2.1.1)
WordPress Plugin Pinpoint Booking System-#1 WordPress Booking SQL Injection (2.9.9.2.8)