Lucene search
DiaowenDwsurvey*
3 matches found
CVE-2019-15095
DWSurvey through 2019-07-22 has reflected XSS via the design/qu-multi-fillblank!answers.action surveyId parameter.
6.1CVSS6AI score0.0024EPSS
CVE-2019-14747
DWSurvey through 2019-07-22 has stored XSS via the design/my-survey-design!copySurvey.action surveyName parameter.
6.1CVSS5.9AI score0.00223EPSS
CVE-2023-40980
File Upload vulnerability in DWSurvey DWSurvey-OSS v.3.2.0 and before allows a remote attacker to execute arbitrary code via the saveimage method and savveFile in the action/UploadAction.java file.
9.8CVSS9.6AI score0.01289EPSS