6 matches found
CVE-2024-36043
questionimage.ts in SurveyJS Form Library before 1.10.4 allows contentMode=youtube XSS via the imageLink property...
CVE-2024-36043
questionimage.ts in SurveyJS Form Library before 1.10.4 allows contentMode=youtube XSS via the imageLink property...
CVE-2024-36043
The CVE-2024-36043 issue affects SurveyJS Form Library prior to 1.10.4, where question_image.ts allows a contentMode=youtube XSS through the imageLink property. The documented impact is Cross Site Scripting via imageLink, requiring contentMode=youtube to exploit. Mitigation: upgrade to version 1....
CVE-2024-36043
questionimage.ts in SurveyJS Form Library before 1.10.4 allows contentMode=youtube XSS via the imageLink property...
CVE-2024-36043
questionimage.ts in SurveyJS Form Library before 1.10.4 allows contentMode=youtube XSS via the imageLink property...
CVE-2024-36043
questionimage.ts in SurveyJS Form Library before 1.10.4 allows contentMode=youtube XSS via the imageLink property...