Cross-site scripting (XSS) vulnerability in the tooltips in LimeSurvey before 1.91+ Build 11379-20111116, when viewing survey results, allows remote attackers to inject arbitrary web script or HTML via unknown parameters.
CPE | Name | Operator | Version |
---|---|---|---|
limesurvey | eq | 1.80.0 | |
limesurvey | eq | 1.72 | |
limesurvey | eq | 1.85 | |
limesurvey | eq | 1.53.0 | |
limesurvey | eq | <= 1.91 | |
limesurvey | eq | 1.52 | |
limesurvey | eq | 1.87.0 | |
limesurvey | eq | 1.86 | |
limesurvey | eq | 1.90.0 | |
limesurvey | eq | 1.81.0 |