Lucene search
Veracode Vulnerability DatabaseVERACODE:33344HistoryDec 15, 2021 - 8:18 a.m.
Cross-site Scripting (XSS)
2021-12-1508:18:39
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
0.001 Low
EPSS
Percentile
42.6%
limesurvey is vulnerable to cross-site scripting. The vulnerability exists due to the lack of sanitization in the ‘changes_cp’ parameter in templatesavechanges() function, allowing a remote attacker to inject arbitrary web script or crafted HTML via URI.
| CPE | Name | Operator | Version |
|---|---|---|---|
| limesurvey/limesurvey | le | 2018012401.x-dev | |
| limesurvey/limesurvey | le | 2018012401.x-dev |
References
Related
cve
cve
CVE-2018-10228
2021-12-14 19:15:07
osv
osv
CVE-2018-10228
2021-12-14 19:15:07
nvd
nvd
CVE-2018-10228
2021-12-14 19:15:07
cvelist
cvelist
CVE-2018-10228
2021-12-14 18:31:22
prion
prion
Cross site scripting
2021-12-14 19:15:00