8 matches found
CVE-2019-16173
LimeSurvey before v3.17.14 allows reflected XSS for escalating privileges from a low-privileged account to, for example, SuperAdmin. This occurs in application/core/SurveyCommonAction.php,...
LimeSurvey 3.17.13 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications ======================================================================= title: Stored and reflected XSS vulnerabilities product: LimeSurvey vulnerable version: 3.17.14 CVE number: CVE-2019-16172, CVE-2019-16173 impact: medium homepage:...
LimeSurvey < 3.17.14 Multiple Vulnerabilities
LimeSurvey is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
LimeSurvey 3.17.13 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications ======================================================================= title: Stored and reflected XSS vulnerabilities product: LimeSurvey vulnerable version: 3.17.14 CVE number: CVE-2019-16172, CVE-2019-16173 impact: medium homepage:...
CVE-2019-16173
creationtimestamp| type| source ---|---|--- 2019-09-13 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/47386...
LimeSurvey 3.17.13 - Cross-Site Scripting
LimeSurvey 3.17.13 - Cross-Site Scripting SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Stored and reflected XSS vulnerabilities product: LimeSurvey vulnerable version: 3.17.14 CVE number: CVE-2019-16172,...
LimeSurvey 3.17.13 - Cross-Site Scripting
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Stored and reflected XSS vulnerabilities product: LimeSurvey vulnerable version: 3.17.14 CVE number: CVE-2019-16172, CVE-2019-16173 impact: medium homepage:...
CVE-2019-16173
LimeSurvey before v3.17.14 is affected by a reflected XSS in application/core/Survey_Common_Action.php that can escalate from a low-privilege account to higher privileges (e.g., SuperAdmin). The issue affects LimeSurvey 3.17.13 and older; fix is in 3.17.14 (build 190902). If exploiting, an attack...