CVE-2020-27515

MEDIUM

Savsoft Quiz <5.0 - XSS

Title source: llm

Description

A Cross Site Scripting (XSS) vulnerability in Savsoft Quiz v5.0 allows remote attackers to inject arbitrary web script or HTML via the Skype ID field.

Exploits (1)

exploitdb WRITEUP

by Dipak Panchal · textwebappsphp

https://www.exploit-db.com/exploits/49208

View Code ZIP pw:eip

References (3)

[Third Party Advisory] https://github.com/savsofts/savsoftquiz_v5

[Vendor Advisory] https://savsoftquiz.com/

[Exploit, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/49208

Scores

CVSS v3 6.1

EPSS 0.0054

EPSS Percentile 67.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Details

CWE

CWE-79

Status published

Products (1)

techkshetrainfo/savsoft_quiz 5.0

Published Dec 26, 2020

Tracked Since Feb 18, 2026