In LimeSurvey 3.14.7, HTML Injection and Stored XSS have been discovered in the appendix via the surveyls_title parameter to /index.php?r=admin/survey/sa/insert.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2018-09-21T17:00:00
Updated: 2024-08-05T10:39:59.114Z
Reserved: 2018-09-13T00:00:00
Link: CVE-2018-17003
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2018-09-21T17:29:06.657
Modified: 2018-11-09T17:53:23.990
Link: CVE-2018-17003
Redhat
No data.