Description
Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated attacker to conduct persistent cross-site scripting (XSS) attacks by creating a crafted operator.
Remediation
References
Related Vulnerabilities
WordPress Plugin Easy Registration Forms Cross-Site Request Forgery (2.1.1)
WordPress Plugin Nextend Facebook Connect Unspecified Vulnerability (1.5.7)
MySQL CVE-2016-0606 Vulnerability (CVE-2016-0606)
WordPress Plugin WatchTowerHQ Privilege Escalation (3.6.16)
WordPress Plugin Import and export users and customers Cross-Site Request Forgery (1.14.1.3)