FKIE_CVE-2012-4238
Vulnerability from fkie_nvd - Published: 2012-08-20 20:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in admin/code/tce_edit_answer.php in TCExam before 11.3.008 allows remote authenticated users with level 5 or greater permissions to inject arbitrary web script or HTML via the question_subject_id parameter.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tecnick:tcexam:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09D1E543-55AC-4488-AEF6-BAF17C428A75",
"versionEndIncluding": "11.3.007",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:10.1.000:*:*:*:*:*:*:*",
"matchCriteriaId": "7287E93F-9B5A-4A4F-A0F3-BA61F229337D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:10.1.001:*:*:*:*:*:*:*",
"matchCriteriaId": "DE304D45-FE2F-4B44-A74F-89EDD949E08B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:10.1.002:*:*:*:*:*:*:*",
"matchCriteriaId": "4659BFFA-C0D4-4157-9FE9-95E75DF98DBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:10.1.003:*:*:*:*:*:*:*",
"matchCriteriaId": "06774079-FBA2-4CFB-952E-F9D6EBC99E9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:10.1.004:*:*:*:*:*:*:*",
"matchCriteriaId": "3632C110-123E-42FB-B885-86AC0496A840",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:10.1.005:*:*:*:*:*:*:*",
"matchCriteriaId": "3C0E7752-888C-4103-BA46-0688A6940FF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:10.1.006:*:*:*:*:*:*:*",
"matchCriteriaId": "0DBCCBE8-6E31-4214-A8F2-7740CF8CFC59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:10.1.007:*:*:*:*:*:*:*",
"matchCriteriaId": "78E43A8F-11C8-475A-B278-E66BD2D0BEED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:10.1.008:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEFF0BC-3282-4EEC-B648-D7FB66687A22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:10.1.009:*:*:*:*:*:*:*",
"matchCriteriaId": "2820AE77-E25C-4DBD-B26A-00A5F4190AA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:10.1.010:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7E4A66-24A5-441B-BCFA-1BF795E842EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:10.1.011:*:*:*:*:*:*:*",
"matchCriteriaId": "17D047F5-C69A-4E0D-8BF8-23FE201FBB13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:10.1.012:*:*:*:*:*:*:*",
"matchCriteriaId": "7842126B-A64F-41A0-A4B5-E52CF552CFBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:10.1.013:*:*:*:*:*:*:*",
"matchCriteriaId": "E1E25193-4968-40FE-BA54-2C0E25DB0F15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.0.000:*:*:*:*:*:*:*",
"matchCriteriaId": "513E6FB7-1B5B-4F5D-8F36-508C2472715F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.0.001:*:*:*:*:*:*:*",
"matchCriteriaId": "D5D89D08-EECF-4C81-9E94-911B1A2370D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.0.002:*:*:*:*:*:*:*",
"matchCriteriaId": "6726BE74-A015-4936-B5B9-85EA080222C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.0.003:*:*:*:*:*:*:*",
"matchCriteriaId": "97AC229D-0885-45D3-A780-C29E21663D33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.0.004:*:*:*:*:*:*:*",
"matchCriteriaId": "4CE5A37B-6EC8-4790-AA80-4F1948B657FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.0.005:*:*:*:*:*:*:*",
"matchCriteriaId": "9DBF0674-291C-4793-8CBA-A0B2C09BD0BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.0.006:*:*:*:*:*:*:*",
"matchCriteriaId": "DC62D410-2928-489D-B297-9EC831A1C53E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.0.007:*:*:*:*:*:*:*",
"matchCriteriaId": "CC254B57-3DAB-4EDE-A852-627AEDBC7AFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.0.008:*:*:*:*:*:*:*",
"matchCriteriaId": "8DD2B624-838B-4832-9965-1DBB876F5A75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.0.009:*:*:*:*:*:*:*",
"matchCriteriaId": "8DFF2AAB-59BB-4ED7-AC95-44C96DB1080A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.0.010:*:*:*:*:*:*:*",
"matchCriteriaId": "115D55DB-8751-41B3-A600-78519A460650",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.0.011:*:*:*:*:*:*:*",
"matchCriteriaId": "1CD38E1D-F056-4882-848C-58173731AA7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.0.012:*:*:*:*:*:*:*",
"matchCriteriaId": "CB7B398D-9665-4DF8-9099-F0DA551E0948",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.0.013:*:*:*:*:*:*:*",
"matchCriteriaId": "56B37604-4480-436B-B159-0A947A1BAC19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.0.014:*:*:*:*:*:*:*",
"matchCriteriaId": "4DF176B7-EF7E-43FB-8F92-BD6112FD1009",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.0.015:*:*:*:*:*:*:*",
"matchCriteriaId": "CE9A4527-F17F-4C2A-B3CE-58059903C091",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.0.016:*:*:*:*:*:*:*",
"matchCriteriaId": "14C26608-F7C4-4809-AA66-E03DEBC9E858",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.000:*:*:*:*:*:*:*",
"matchCriteriaId": "391AF446-5D84-41DE-A102-F17E2674DB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.001:*:*:*:*:*:*:*",
"matchCriteriaId": "40AB17EC-85A6-431D-A104-0592FD83DA0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.002:*:*:*:*:*:*:*",
"matchCriteriaId": "1457CD43-32D3-4A07-AE32-863661002BE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.003:*:*:*:*:*:*:*",
"matchCriteriaId": "78C75386-A50D-48CF-8127-221B9BB8A405",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.004:*:*:*:*:*:*:*",
"matchCriteriaId": "1947F0AC-4542-43C3-A7CA-268E8981CFF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.005:*:*:*:*:*:*:*",
"matchCriteriaId": "87A6F355-E90C-45F5-924A-2E273C17A77A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.006:*:*:*:*:*:*:*",
"matchCriteriaId": "CA3C3DED-3F50-450F-89B5-4D926FAB7B06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.007:*:*:*:*:*:*:*",
"matchCriteriaId": "0C7D7F46-F2FA-41E0-BCD3-0B32CC64F657",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.008:*:*:*:*:*:*:*",
"matchCriteriaId": "CBFF8EC6-6ADA-4B8A-ACE6-4F00107F2D48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.009:*:*:*:*:*:*:*",
"matchCriteriaId": "0E643379-E31F-4C0C-92EB-C347D668191D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.010:*:*:*:*:*:*:*",
"matchCriteriaId": "8FC974BF-33A5-4F6A-AF65-40E9A56DDCC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.011:*:*:*:*:*:*:*",
"matchCriteriaId": "249FE485-F3CD-45C7-8B21-786F6D50851A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.012:*:*:*:*:*:*:*",
"matchCriteriaId": "628F72CC-306E-4CF8-9E8D-15CA2482D600",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.013:*:*:*:*:*:*:*",
"matchCriteriaId": "AF5E1468-0680-4CB2-8675-4722A8560607",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.014:*:*:*:*:*:*:*",
"matchCriteriaId": "62DECE89-EF33-49AC-869F-C3094596A451",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.015:*:*:*:*:*:*:*",
"matchCriteriaId": "CE2FF621-4ABC-4C9A-82A3-8151BADE4810",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.016:*:*:*:*:*:*:*",
"matchCriteriaId": "FECCD319-5F1C-4F47-867D-F12925E9AB49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.017:*:*:*:*:*:*:*",
"matchCriteriaId": "33BF558B-6E25-4A19-A794-5ED34E110B17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.018:*:*:*:*:*:*:*",
"matchCriteriaId": "0EC31BE4-D779-400A-BFAE-99F2EE4AE094",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.019:*:*:*:*:*:*:*",
"matchCriteriaId": "D15CD910-BE87-4BA0-B7A7-BC36D8C48EF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.020:*:*:*:*:*:*:*",
"matchCriteriaId": "7A7C1FC6-02C3-4BC5-9A37-6B66F4326CC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.021:*:*:*:*:*:*:*",
"matchCriteriaId": "2E218333-6250-484A-8829-3649CC1863C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.022:*:*:*:*:*:*:*",
"matchCriteriaId": "0ACF3998-A87D-4F00-846D-3698BD709B29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.023:*:*:*:*:*:*:*",
"matchCriteriaId": "BCD3F95E-0212-4E82-86C4-5771EA5E623A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.024:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBC784A-4418-4B71-BB80-291B10063ACF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.025:*:*:*:*:*:*:*",
"matchCriteriaId": "83B4FEEA-1BEC-4911-86E3-0AE963ADE644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.026:*:*:*:*:*:*:*",
"matchCriteriaId": "C95867CE-CC40-4437-95CE-FE48F12857FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.027:*:*:*:*:*:*:*",
"matchCriteriaId": "85FCB6DF-4F02-4708-B256-4D28EEED7F54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.028:*:*:*:*:*:*:*",
"matchCriteriaId": "01EA4845-0D85-4B97-A845-9F219E3964AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.029:*:*:*:*:*:*:*",
"matchCriteriaId": "F05DADC0-C60C-40DA-972E-7A49A499F620",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.030:*:*:*:*:*:*:*",
"matchCriteriaId": "A8BB8A45-6110-4EFD-84EF-CEF631AED597",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.031:*:*:*:*:*:*:*",
"matchCriteriaId": "18884A2F-9BAD-4EEC-89CC-0BB7F4AEF187",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.000:*:*:*:*:*:*:*",
"matchCriteriaId": "690F53C2-AACF-4E4E-AECE-E704ABBE13DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.001:*:*:*:*:*:*:*",
"matchCriteriaId": "E663B808-656C-4BB5-B3BB-552646FEE34E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.002:*:*:*:*:*:*:*",
"matchCriteriaId": "24F23425-542D-4F24-A333-8F145C4F3D12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.003:*:*:*:*:*:*:*",
"matchCriteriaId": "E1051C25-22AA-46DE-95F7-E6BC2CD6132D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.004:*:*:*:*:*:*:*",
"matchCriteriaId": "08F962B2-C68F-439A-A20C-D57D846A70C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.005:*:*:*:*:*:*:*",
"matchCriteriaId": "4A75BABD-BE4F-4F7E-AFF4-1967B0B1BF9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.006:*:*:*:*:*:*:*",
"matchCriteriaId": "D7509949-207F-4938-B376-949C973AC1DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.007:*:*:*:*:*:*:*",
"matchCriteriaId": "1B9A489B-E4DD-4179-893D-48E929CAFAFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.008:*:*:*:*:*:*:*",
"matchCriteriaId": "C47C0F2F-1EE3-404A-A003-C8F9F506C6BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.010:*:*:*:*:*:*:*",
"matchCriteriaId": "EF152B01-2906-4E6A-81BD-AF4F603E7BE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.011:*:*:*:*:*:*:*",
"matchCriteriaId": "BB435B6A-DA82-47DF-AED0-FEF11B62FA50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.012:*:*:*:*:*:*:*",
"matchCriteriaId": "A7A110C7-C934-4A91-AD58-FC57C95392EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.013:*:*:*:*:*:*:*",
"matchCriteriaId": "0CCEFB5C-421C-4438-AC97-6EB36B69384A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.014:*:*:*:*:*:*:*",
"matchCriteriaId": "30B4A8FA-E94E-42BF-B6EB-18756A1EE127",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.015:*:*:*:*:*:*:*",
"matchCriteriaId": "9C3E7D7F-595E-44ED-8D4A-006E01860227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.016:*:*:*:*:*:*:*",
"matchCriteriaId": "023D3754-DE1A-4CEC-929C-E54351CBBAB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.017:*:*:*:*:*:*:*",
"matchCriteriaId": "5E394EA4-EC91-4DEC-815E-8AEE71523267",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.018:*:*:*:*:*:*:*",
"matchCriteriaId": "CA482C25-3273-42D6-950F-B11148493278",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.020:*:*:*:*:*:*:*",
"matchCriteriaId": "67EA2A64-D0AA-4CAE-AF82-DC38AAE5FC0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.021:*:*:*:*:*:*:*",
"matchCriteriaId": "2F53E4CF-2607-4C32-99B2-23BF8E77FCBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.022:*:*:*:*:*:*:*",
"matchCriteriaId": "DE3FBC4C-BB09-4BCF-B1BA-D9FF8E8CD08C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.023:*:*:*:*:*:*:*",
"matchCriteriaId": "AD4779BD-CA13-4FC3-BFF1-0ACC4F5BAF3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.025:*:*:*:*:*:*:*",
"matchCriteriaId": "1B8D1F95-ADC0-4D5D-A59E-AEFAE982A082",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.026:*:*:*:*:*:*:*",
"matchCriteriaId": "38B1398A-AA5A-4F8E-8A8A-3F009E1199D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.027:*:*:*:*:*:*:*",
"matchCriteriaId": "F4630664-A1B7-4836-9C73-A04346A63CCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.028:*:*:*:*:*:*:*",
"matchCriteriaId": "4B81BA0A-B5C3-4A3B-BE42-7A1ACA79A7D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.029:*:*:*:*:*:*:*",
"matchCriteriaId": "2527DDB7-0974-4A7D-A9C4-D9EC93E6BFEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.030:*:*:*:*:*:*:*",
"matchCriteriaId": "6D55F344-2EF0-42D8-8E10-010E86367D0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.031:*:*:*:*:*:*:*",
"matchCriteriaId": "DF17E462-7D75-4143-BCF1-D42D3B16D8FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.032:*:*:*:*:*:*:*",
"matchCriteriaId": "7A173A8C-54E9-444C-BB55-4497BD30DE90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.3.000:*:*:*:*:*:*:*",
"matchCriteriaId": "CC938ABF-E674-4F51-BDD1-D73FBEEA76D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.3.001:*:*:*:*:*:*:*",
"matchCriteriaId": "83B1E4F3-B02C-4CC1-93DF-425E964513D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.3.002:*:*:*:*:*:*:*",
"matchCriteriaId": "2D9FEF84-F788-45F4-AE6A-C9E9824BAD09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.3.003:*:*:*:*:*:*:*",
"matchCriteriaId": "353980D7-1E19-43E9-BDBF-77EA3DC87917",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.3.004:*:*:*:*:*:*:*",
"matchCriteriaId": "BB08D03E-740C-4F91-A3A3-BE439AF1981C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.3.005:*:*:*:*:*:*:*",
"matchCriteriaId": "15FDBDB6-23E8-4498-BAD4-C1987D24B15C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tecnick:tcexam:11.3.006:*:*:*:*:*:*:*",
"matchCriteriaId": "49497479-5A67-4565-8506-5151D2990FAF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in admin/code/tce_edit_answer.php in TCExam before 11.3.008 allows remote authenticated users with level 5 or greater permissions to inject arbitrary web script or HTML via the question_subject_id parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n de comandos en sitios cruzados (XSS) en admin/code/tce_edit_answer.php en TCExam anterior a v11.3.008 permite a usuarios autenticados con nivel 5 o permisos superiores, inyectar c\u00f3digo web o HTML arbitrario a trav\u00e9s del par\u00e1metro question_subject_id."
}
],
"id": "CVE-2012-4238",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-08-20T20:55:03.940",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-08/0090.html"
},
{
"source": "cve@mitre.org",
"url": "http://freecode.com/projects/tcexam/releases/347125"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/50141"
},
{
"source": "cve@mitre.org",
"url": "http://tcexam.git.sourceforge.net/git/gitweb.cgi?p=tcexam/tcexam%3Bh=edf6e08622642f1b2421f4355d98250d9e1b0742"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.reactionpenetrationtesting.co.uk/tcexam-cross-site-scripting.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-08/0090.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://freecode.com/projects/tcexam/releases/347125"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/50141"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://tcexam.git.sourceforge.net/git/gitweb.cgi?p=tcexam/tcexam%3Bh=edf6e08622642f1b2421f4355d98250d9e1b0742"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.reactionpenetrationtesting.co.uk/tcexam-cross-site-scripting.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…