2 matches found
LimeSurvey < 3.21.2 Multiple XSS Vulnerabilities
LimeSurvey is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2020-25798
Summary: CVE-2020-25798 describes a stored XSS in LimeSurvey versions up to 3.21.1. An authenticated user with appropriate permissions can inject arbitrary script/HTML via the Parameter ParticipantAttributeNamesDropdown on the central participant database page, causing the browser to execute the ...