CVE-2025-70797

Cross Site Scripting vulnerability in Limesurvey v.6.15.20+251021 allows a remote attacker to execute arbitrary code via the Boxtitle and boxurl parameters...

EUVD-2025-209392

Cross Site Scripting vulnerability in Limesurvey v.6.15.20+251021 allows a remote attacker to execute arbitrary code via the Boxtitle and boxurl parameters...

CVE-2025-70797

Cross Site Scripting vulnerability in Limesurvey v.6.15.20+251021 allows a remote attacker to execute arbitrary code via the Boxtitle and boxurl parameters...

Cross-site Scripting (XSS)

Overview limesurvey/limesurvey is a FOSS online survey tool on the web. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Boxtitle and boxurl parameters. An attacker can execute arbitrary scripts in the context of a user's browser by injecting malicious input...

CVE-2025-70797

Cross Site Scripting vulnerability in Limesurvey v.6.15.20+251021 allows a remote attacker to execute arbitrary code via the Boxtitle and boxurl parameters...

LimeSurvey 安全漏洞

LimeSurvey PHPSurveyor is a set of open-source online survey programs developed by the LimeSurvey team. It supports functions such as survey program development, survey questionnaire publishing, and data collection. Version 6.15.20+251021 of Limesurvey contains a security vulnerability, which ste...

Limesurvey cross-site scripting vulnerability (CNVD-2019-31355)

limesurvey is an open source online questionnaire program with multiple functions such as questionnaire design, modification, release, recovery and statistics. A stored cross-site scripting vulnerability exists in Limesurvey versions prior to 3.17.14. An attacker can exploit this vulnerability to...

CVE-2006-1222

Multiple cross-site scripting XSS vulnerabilities in zeroboard 4.1 pl7 allows allow remote attackers to inject arbitrary web script or HTML via the 1 memo box title, 2 user email, and 3 homepage fields...