Lucene search

K
osvGoogleOSV:GHSA-XGJ4-2HRF-J4XG
HistoryMar 21, 2024 - 6:33 a.m.

Cross-site scripting in Survey Creator

2024-03-2106:33:04
Google
osv.dev
cross-site scripting
surveyjs
survey creator
vulnerability
arbitrary code
title parameter
sensitive information
software

6.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

Cross Site Scripting (XSS) vulnerability in SurveyJS Survey Creator v.1.9.132 and before, allows attackers to execute arbitrary code and obtain sensitive information via the title parameter in form.

CPENameOperatorVersion
survey-creatorlt1.9.133

6.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

Related for OSV:GHSA-XGJ4-2HRF-J4XG