CVE-2018-20322
LimeSurvey 3.15.5 contains a cross-site scripting (XSS) vulnerability in the Survey Resource ZIP upload, allowing potentially executable JavaScript against LimeSurvey administrators. The issue is caused by insufficient input sanitization during ZIP upload of survey resources. The vulnerability is...