Vulnerabilities > Simple Exam Reviewer Management System Project > Simple Exam Reviewer Management System > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2022-10-20	CVE-2022-42197	Forced Browsing vulnerability in Simple Exam Reviewer Management System Project Simple Exam Reviewer Management System 1.0 In Simple Exam Reviewer Management System v1.0 the User List function has improper access control that allows low privileged users to modify user permissions to higher privileges. network low complexity simple-exam-reviewer-management-system-project CWE-425	6.5
2022-10-20	CVE-2022-42200	Cross-site Scripting vulnerability in Simple Exam Reviewer Management System Project Simple Exam Reviewer Management System 1.0 Simple Exam Reviewer Management System v1.0 is vulnerable to Stored Cross Site Scripting (XSS) via the Exam List. network low complexity simple-exam-reviewer-management-system-project CWE-79	5.4

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.