CVE-2026-4169

CVSS v2.0

3.3

Low

Vector

AV:N/AC:L/Au:M/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Tecnick TCExam versions up to 16.6.0

Description A security issue exists in Tecnick TCExam related to the XML Export component. The F xml export users function within the admin/code/tce xml users.php file is susceptible to cross site scripting. Exploitation may be possible remotely. The vendor has expressed doubts about the severity of this issue, noting that it requires administrator privileges for both creation and exploitation, and that administrators already possess extensive capabilities within the platform.

Recommendations Tecnick TCExam versions up to 16.6.0 should be upgraded to version 16.6.1 to address this issue.

Fix

XSS

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79CWE-94

Related Identifiers

CVE-2026-4169

Affected Products

Tcexam

CVE-2026-4169

Weakness Enumeration

Related Identifiers

Affected Products

References · 9