CVE-2020-29205

MEDIUM

Project Worlds Online Examination System 1.0 - XSS

Title source: llm
STIX 2.1

Description

XSS in signup form in Project Worlds Online Examination System 1.0 allows remote attacker to inject arbitrary code via the name field

Exploits (1)

exploitdb WORKING POC
by Nikhil Kumar · textwebappsphp
https://www.exploit-db.com/exploits/48969

References (3)

Scores

CVSS v3 6.1
EPSS 0.0065
EPSS Percentile 70.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Details

CWE
CWE-79
Status published
Products (1)
projectworlds/travel_management_system 1.0
Published May 17, 2021
Tracked Since Feb 18, 2026