BIT-limesurvey-2020-25797
See a problem?- Import Source
- https://github.com/bitnami/vulndb/tree/main/data/limesurvey/BIT-limesurvey-2020-25797.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/BIT-limesurvey-2020-25797
- Aliases
- Published
- 2024-03-06T10:56:49.775Z
- Modified
- 2024-03-06T11:25:28.861Z
- Summary
- [none]
- Details
-
LimeSurvey 3.21.1 is affected by cross-site scripting (XSS) in the Add Participants Function (First and last name parameters). When the survey participant being edited, e.g. by an administrative user, the JavaScript code will be executed in the browser.
- Database specific
{ "cpes": [ "cpe:2.3:a:limesurvey:limesurvey:3.21.1:*:*:*:*:*:*:*" ], "severity": "Medium" }- References
Affected packages
Bitnami / limesurvey
Package
- Name
- limesurvey
- Purl
- pkg:bitnami/limesurvey
Severity
- 5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator