CVE-2026-4168

CVSS v2.0

3.3

Low

Vector

AV:N/AC:L/Au:M/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Tecnick TCExam version 16.5.0

Description A security issue exists in Tecnick TCExam. The problem is located in an unknown function within the file /admin/code/tce edit group.php of the Group Handler component. Manipulating the Name argument can lead to cross site scripting. The attack can be initiated remotely. The exploit is publicly available.

Recommendations Upgrade the affected component to a later release where this issue is addressed.

Exploit

Fix

XSS

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79CWE-94

Related Identifiers

CVE-2026-4168

Affected Products

Tcexam

CVE-2026-4168

Weakness Enumeration

Related Identifiers

Affected Products

References · 9