10 matches found
BIT-LIMESURVEY-2024-28710
Cross Site Scripting vulnerability in LimeSurvey before 6.5.0+240319 allows a remote attacker to execute arbitrary code via a lack of input validation and output encoding in the Alert Widget's message component...
Cross-site Scripting (XSS)
limesurvey/limesurvey is is vulnerable to Cross-site Scripting XSS. The vulnerability is due to improper input validation and output encoding in the Alert Widget's message component...
Cross-site Scripting (XSS)
Overview limesurvey/limesurvey is a FOSS online survey tool on the web. Affected versions of this package are vulnerable to Cross-site Scripting XSS due to improper input validation and output encoding in the Alert Widget's message component. Note: This is fixed in 6.5.0+240319. Details Cross-sit...
GHSA-632Q-77QJ-C89Q LimeSurvey Cross Site Scripting vulnerability
Cross Site Scripting vulnerability in LimeSurvey before 6.5.0+240319 allows a remote attacker to execute arbitrary code via a lack of input validation and output encoding in the Alert Widget's message component...
LimeSurvey Cross Site Scripting vulnerability
Cross Site Scripting vulnerability in LimeSurvey before 6.5.0+240319 allows a remote attacker to execute arbitrary code via a lack of input validation and output encoding in the Alert Widget's message component...
CVE-2024-28710
Cross Site Scripting vulnerability in LimeSurvey before 6.5.0+240319 allows a remote attacker to execute arbitrary code via a lack of input validation and output encoding in the Alert Widget's message component...
CVE-2024-28710
Cross Site Scripting vulnerability in LimeSurvey before 6.5.0+240319 allows a remote attacker to execute arbitrary code via a lack of input validation and output encoding in the Alert Widget's message component...
LimeSurvey 安全漏洞
LimeSurvey PHPSurveyor is an open source online survey program from the LimeSurvey team that supports survey program development, survey distribution, and data collection. A security vulnerability exists in LimeSurvey prior to version 6.5.0+240319, which stems from a cross-site scripting...
PT-2024-22532 · Unknown · Limesurvey
Name of the Vulnerable Software and Affected Versions: LimeSurvey versions prior to 6.5.0+240319 Description: The issue is related to a Cross Site Scripting XSS vulnerability that allows a remote attacker to execute arbitrary code. This is due to a lack of input validation and output encoding in...
CVE-2024-28710
LimeSurvey is affected by a Cross-Site Scripting (XSS) vulnerability in the Alert Widget’s message component, due to insufficient input validation and output encoding in versions prior to 6.5.0+240319. The issue enables a remote attacker to execute arbitrary code through crafted input. Remediatio...