Lucene search
HistoryOct 03, 2022 - 4:15 p.m.
CVE-2011-5256
cve-2011-5256
xss
vulnerability
limesurvey
remote attackers
web script
html
nvd
2.6 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
5.9 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
46.1%
Cross-site scripting (XSS) vulnerability in the tooltips in LimeSurvey before 1.91+ Build 11379-20111116, when viewing survey results, allows remote attackers to inject arbitrary web script or HTML via unknown parameters.
Affected configurations
Node
limesurveylimesurveyRange≤1.91\+
ORlimesurveylimesurveyMatch1.01
ORlimesurveylimesurveyMatch1.50
ORlimesurveylimesurveyMatch1.52
ORlimesurveylimesurveyMatch1.53\+
ORlimesurveylimesurveyMatch1.70\+
ORlimesurveylimesurveyMatch1.71\+
ORlimesurveylimesurveyMatch1.72
ORlimesurveylimesurveyMatch1.80\+
ORlimesurveylimesurveyMatch1.81\+
ORlimesurveylimesurveyMatch1.82\+
ORlimesurveylimesurveyMatch1.85
ORlimesurveylimesurveyMatch1.86
ORlimesurveylimesurveyMatch1.87\+
ORlimesurveylimesurveyMatch1.90\+
Related
nvd
nvd
CVE-2011-5256
2013-02-12 20:55:01
prion
prion
Cross site scripting
2013-02-12 20:55:00
cvelist
cvelist
CVE-2011-5256
2022-10-03 16:15:12
2.6 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
5.9 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
46.1%
Related for CVE-2011-5256