limesurvey/limesurvey is vulnerable to cross-site scripting attacks. The vulnerability exists in the uploadConfirm.php
due to a lack of input validation which allows an attacker to inject and execute arbitrary javascript or HTML.
CPE | Name | Operator | Version |
---|---|---|---|
limesurvey/limesurvey | le | 5.3.6+220321 | |
limesurvey/limesurvey | le | 5.3.6+220321 |