3 matches found
LimeSurvey < 3.17.14 Multiple Vulnerabilities
LimeSurvey is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2019-16178
A stored cross-site scripting XSS vulnerability was found in Limesurvey before 3.17.14 that allows authenticated users with correct permissions to inject arbitrary web script or HTML via titles of admin box buttons on the home page...
CVE-2019-16178
LimeSurvey prior to 3.17.14 is affected by a stored XSS vulnerability that allows authenticated users with appropriate permissions to inject arbitrary script or HTML via the titles of admin box buttons on the home page. Root cause is input in button titles not properly sanitized before rendering....