3 matches found
CVE-2025-15479
Stored cross-site scripting XSS, CWE-79 in the survey content and administration functionality in Data Illusion Zumbrunn NGSurvey Enterprise Edition 3.6.4 on all supported platforms on Windows and Linux servers allows authenticated remote users with survey creation or edit privileges to execute...
CVE-2025-15479 NGSurvey Enterprise 3.6.4 incorrect authorization exposes other users’ API keys and personal data
Stored cross-site scripting XSS, CWE-79 in the survey content and administration functionality in Data Illusion Zumbrunn NGSurvey Enterprise Edition 3.6.4 on all supported platforms on Windows and Linux servers allows authenticated remote users with survey creation or edit privileges to execute...
ObjectPlanet Opinio 代码问题漏洞
ObjectPlanet Opinio is an online survey system from ObjectPlanet Norway. A code issue vulnerability exists in ObjectPlanet Opinio versions prior to 7.15, which stems from a program that allows XXE attacks by modifying a css file and importing this .xml file in the survey administration folder...