7 matches found
CVE-2024-36043
questionimage.ts in SurveyJS Form Library before 1.10.4 allows contentMode=youtube XSS via the imageLink property...
CVE-2024-36043
questionimage.ts in SurveyJS Form Library before 1.10.4 allows contentMode=youtube XSS via the imageLink property...
CVE-2024-36043
questionimage.ts in SurveyJS Form Library before 1.10.4 allows contentMode=youtube XSS via the imageLink property...
CVE-2024-36043
questionimage.ts in SurveyJS Form Library before 1.10.4 allows contentMode=youtube XSS via the imageLink property...
CVE-2024-36043
questionimage.ts in SurveyJS Form Library before 1.10.4 allows contentMode=youtube XSS via the imageLink property...
SurveyJS Form Library 安全漏洞
SurveyJS Form Library is a free client-side component of SurveyJS open source using the MIT license. A security vulnerability exists in SurveyJS Form Library versions prior to 1.10.4 that stems from allowing cross-site scripting attacks via the imageLink attribute...
PT-2024-26860 · Unknown · Surveyjs Form Library
Name of the Vulnerable Software and Affected Versions: SurveyJS Form Library versions prior to 1.10.4 Description: The issue allows for contentMode=youtube XSS via the imageLink property in the question image.ts file. This can lead to a potential XSS attack when the contentMode is set to youtube...