CVE-2020-29257: XSS
First published: Wed Dec 09 2020(Updated: )
Cross-site scripting (XSS) vulnerability in Online Examination System 1.0 via the q parameter to feedback.php.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SourceCodester Online Examination System | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2020-29257?
The severity of CVE-2020-29257 is medium with a severity value of 6.1.
How does CVE-2020-29257 affect Online Examination System 1.0?
CVE-2020-29257 affects Online Examination System 1.0 through a cross-site scripting (XSS) vulnerability in the q parameter of the feedback.php file.
What is cross-site scripting (XSS) vulnerability?
Cross-site scripting (XSS) vulnerability is a security vulnerability that allows attackers to inject malicious scripts into web pages viewed by other users.
What is the Common Vulnerabilities and Exposures (CVE) identifier for this vulnerability?
The Common Vulnerabilities and Exposures (CVE) identifier for this vulnerability is CVE-2020-29257.
How can I fix the CVE-2020-29257 vulnerability?
To fix the CVE-2020-29257 vulnerability, it is recommended to sanitize the input in the q parameter of the feedback.php file to prevent XSS attacks.
- agent/softwarecombine
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/severity
- agent/last-modified-date
- agent/author
- agent/weakness
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/online examination system project
- canonical/sourcecodester online examination system
- version/sourcecodester online examination system/1.0