Vendor
Savsofts
Products
2
CVEs
3
Across products
3
Status
Private
Products
2- 2 CVEs
- 1 CVE
Recent CVEs
3| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-47962 | Med | 0.42 | 6.4 | 0.00 | May 15, 2026 | Savsoft Quiz 5.0 contains a persistent cross-site scripting vulnerability in the user account settings page that allows authenticated attackers to inject malicious HTML and JavaScript code. Attackers can inject script payloads into user profile fields at the edit_user endpoint,… | ||
| CVE-2020-27515 | 0.00 | — | 0.01 | Dec 26, 2020 | A Cross Site Scripting (XSS) vulnerability in Savsoft Quiz v5.0 allows remote attackers to inject arbitrary web script or HTML via the Skype ID field. | |||
| CVE-2014-100025 | 0.00 | — | 0.01 | Jan 13, 2015 | Cross-site request forgery (CSRF) vulnerability in index.php/user_data/insert_user in Savsoft Quiz allows remote attackers to hijack the authentication of administrators for requests that create an administrator account via a crafted request. |
- risk 0.42cvss 6.4epss 0.00
Savsoft Quiz 5.0 contains a persistent cross-site scripting vulnerability in the user account settings page that allows authenticated attackers to inject malicious HTML and JavaScript code. Attackers can inject script payloads into user profile fields at the edit_user endpoint,…
- CVE-2020-27515Dec 26, 2020risk 0.00cvss —epss 0.01
A Cross Site Scripting (XSS) vulnerability in Savsoft Quiz v5.0 allows remote attackers to inject arbitrary web script or HTML via the Skype ID field.
- CVE-2014-100025Jan 13, 2015risk 0.00cvss —epss 0.01
Cross-site request forgery (CSRF) vulnerability in index.php/user_data/insert_user in Savsoft Quiz allows remote attackers to hijack the authentication of administrators for requests that create an administrator account via a crafted request.