PT-2020-18666 · Tcexam · Tcexam

Published

2020-05-07

Updated

2021-07-21

CVE-2020-5745

CVSS v3.1

7.4

High

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions TCExam version 14.2.2

Description The issue allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link, due to cross-site request forgery.

Recommendations For TCExam version 14.2.2, update to a version that includes a fix for this issue, as no specific workaround is provided for this version.

Exploit

Fix

CSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-352

Related Identifiers

CVE-2020-5745

Affected Products

Tcexam

PT-2020-18666 · Tcexam · Tcexam

CVE-2020-5745

Weakness Enumeration

Related Identifiers

Affected Products

References · 3