2 matches found
CVE-2018-10228
Cross-site scripting XSS vulnerability in /application/controller/admin/theme.php in LimeSurvey 3.6.2+180406 allows remote attackers to inject arbitrary web script or HTML via the changescp parameter to the index.php/admin/themes/sa/templatesavechanges URI...
CVE-2018-10228
Cross-site scripting XSS vulnerability in /application/controller/admin/theme.php in LimeSurvey 3.6.2+180406 allows remote attackers to inject arbitrary web script or HTML via the changescp parameter to the index.php/admin/themes/sa/templatesavechanges URI...