CVE-2020-5749
Description
Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated attacker to conduct persistent cross-site scripting (XSS) attacks by creating a crafted group.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
TCExam 14.2.2 suffers from persistent XSS due to insufficient output sanitization, allowing authenticated attackers to inject arbitrary scripts via crafted group names.
Vulnerability
TCExam 14.2.2 fails to sanitize output when displaying group names, enabling a persistent cross-site scripting (XSS) vulnerability. An authenticated user with permission to create groups can inject arbitrary HTML or JavaScript into the group name field. This stored payload is then executed in the browsers of other users who view the affected group. [1]
Exploitation
An attacker must have a valid account with privileges to create groups in TCExam 14.2.2. The attacker crafts a group name containing malicious script, such as ``. When other users, including administrators, navigate to pages that display the group list, the script executes in their browser context. [1]
Impact
Successful exploitation allows the attacker to execute arbitrary JavaScript in the context of the victim's session. This can lead to session hijacking, credential theft, or further actions such as performing administrative operations on behalf of the victim. The attacker may also leverage this XSS in combination with CSRF vulnerabilities to escalate privileges, as noted in the Tenable advisory. [1]
Mitigation
As of the publication date (2020-05-07), no official patch has been released for TCExam 14.2.2. The vendor has not responded to the disclosure. Users should consider upgrading to a newer version if available, or implement input sanitization and output encoding as a workaround. The vulnerability is not listed on CISA's Known Exploited Vulnerabilities (KEV) catalog. [1]
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- TCExam/TCExamdescription
Patches
0No patches discovered yet.
Vulnerability mechanics
Root cause
"Insufficient output sanitization of the group name field in tce_edit_module.php allows stored XSS."
Attack vector
An authenticated attacker with privileges to create groups crafts a group name containing HTML script tags with malicious JavaScript. This group is then assigned to other users. When a user with operator or higher privileges who is assigned to that group navigates to `/admin/code/tce_edit_module.php`, the unsanitized group name is echoed into the page, causing the injected script to execute in the victim's browser [ref_id=1].
Affected code
The vulnerability exists in `/admin/code/tce_edit_module.php`. The code at line 367-368 outputs the group name directly: `echo ' · '.$mg['group_name'].'';` without sanitization [ref_id=1].
What the fix does
The advisory does not include a patch. To remediate, output encoding or sanitization must be applied to the `group_name` value before it is echoed into the HTML response. The `$mg['group_name']` value should be passed through a function such as `htmlspecialchars()` or equivalent to neutralize any embedded HTML or JavaScript [ref_id=1].
Preconditions
- authAttacker must be authenticated with privileges to create groups
- configThe crafted group must be assigned to other users
- inputVictim must navigate to /admin/code/tce_edit_module.php
Generated on May 25, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
1- www.tenable.com/security/research/tra-2020-31mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.