Filtered by vendor Taotesting
Subscribe
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-23050 | 1 Taotesting | 1 Tao Assessment Platform | 2024-02-28 | 6.0 MEDIUM | 8.0 HIGH |
TAO Open Source Assessment Platform v3.3.0 RC02 was discovered to contain a HTML injection vulnerability in the userFirstName parameter of the user account input field. This vulnerability allows attackers to execute phishing attacks, external redirects, and arbitrary code. | |||||
CVE-2020-36499 | 1 Taotesting | 1 Tao Assessment Platform | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
TAO Open Source Assessment Platform v3.3.0 RC02 was discovered to contain a cross-site scripting (XSS) vulnerability in the content parameter of the Rubric Block (Add) module. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the rubric name value. |