Vulnerabilities (CVE)

Filtered by vendor Taotesting Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-23050 1 Taotesting 1 Tao Assessment Platform 2024-02-28 6.0 MEDIUM 8.0 HIGH
TAO Open Source Assessment Platform v3.3.0 RC02 was discovered to contain a HTML injection vulnerability in the userFirstName parameter of the user account input field. This vulnerability allows attackers to execute phishing attacks, external redirects, and arbitrary code.
CVE-2020-36499 1 Taotesting 1 Tao Assessment Platform 2024-02-28 3.5 LOW 5.4 MEDIUM
TAO Open Source Assessment Platform v3.3.0 RC02 was discovered to contain a cross-site scripting (XSS) vulnerability in the content parameter of the Rubric Block (Add) module. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the rubric name value.