4 matches found
CVE-2019-16182
A reflected cross-site scripting XSS vulnerability was found in Limesurvey before 3.17.14 that allows remote attackers to inject arbitrary web script or HTML via extensions of uploaded files...
LimeSurvey < 3.17.14 Multiple Vulnerabilities
LimeSurvey is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2019-16182
A reflected cross-site scripting XSS vulnerability was found in Limesurvey before 3.17.14 that allows remote attackers to inject arbitrary web script or HTML via extensions of uploaded files...
CVE-2019-16182
Affected software: LimeSurvey. advertises a reflected XSS in versions before 3.17.14 via extensions of uploaded files. Root cause: improper sanitization in handling file extensions leads to script/HTML injection. Impact: potential execution of arbitrary scripts in a victim’s browser. Mitigation: ...