Lucene search
Veracode Vulnerability DatabaseVERACODE:27914HistoryNov 18, 2020 - 1:13 a.m.
Cross-site Scripting (XSS)
2020-11-1801:13:04
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
0.001 Low
EPSS
Percentile
24.8%
LimeSurvey is vulnerable to cross-site scripting (XSS). An authenticated users with correct permissions is able to inject and execute malicious script via the parameter ParticipantAttributeNamesDropdown of the Attributes on the central participant database page.
| CPE | Name | Operator | Version |
|---|---|---|---|
| limesurvey/limesurvey | le | 3.21.2+191216 |
Related
prion
prion
Cross site scripting
2020-11-17 15:15:00
cve
cve
CVE-2020-25798
2020-11-17 15:15:12
nvd
nvd
CVE-2020-25798
2020-11-17 15:15:12
osv
osv
BIT-limesurvey-2020-25798
2024-03-06 10:56:40
CVE-2020-25798
2020-11-17 15:15:12
cvelist
cvelist
CVE-2020-25798
2020-11-17 14:21:20
openvas
openvas
LimeSurvey < 3.21.2 Multiple XSS Vulnerabilities
2021-01-15 00:00:00