CVE-2020-16192

LimeSurvey 4.3.2 allows reflected XSS because application/controllers/LSBaseController.php lacks code to validate parameters...

Cross site scripting

LimeSurvey 4.3.2 allows reflected XSS because application/controllers/LSBaseController.php lacks code to validate parameters...

CVE-2020-16192

LimeSurvey 4.3.2 is affected by a reflected XSS due to LSBaseController.php not validating parameters. Root cause: lack of input validation in the LSBaseController. Impact: cross-site scripting reflected in web context. Remediation: implement proper parameter validation in LSBaseController.php an...