Cross Site Scripting (XSS) vulnerability in LimeSurvey before version 6.2.9-230925 allows a remote attacker to escalate privileges via a crafted script to the _generaloptions_panel.php component.
References
Configurations
History
25 Nov 2023, 01:22
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-11-18 00:15
Updated : 2024-02-05 00:22
NVD link : CVE-2023-44796
Mitre link : CVE-2023-44796
CVE.ORG link : CVE-2023-44796
JSON object : View
Products Affected
limesurvey
- limesurvey
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')