BIT-limesurvey-2020-25799

See a problem?
Import Source
https://github.com/bitnami/vulndb/tree/main/data/limesurvey/BIT-limesurvey-2020-25799.json
JSON Data
https://api.osv.dev/v1/vulns/BIT-limesurvey-2020-25799
Aliases
Published
2024-03-06T10:56:29.887Z
Modified
2025-04-03T14:40:37.652Z
Summary
[none]
Details

LimeSurvey 3.21.1 is affected by cross-site scripting (XSS) in the Quota component of the Survey page. When the survey quota being viewed, e.g. by an administrative user, the JavaScript code will be executed in the browser.

Database specific
{
    "cpes": [
        "cpe:2.3:a:limesurvey:limesurvey:3.21.1:*:*:*:*:*:*:*",
        "cpe:2.3:a:limesurvey:limesurvey:*:*:*:*:*:*:*:*"
    ],
    "severity": "Medium"
}
References

Affected packages

Bitnami / limesurvey

Package

Name
limesurvey
Purl
pkg:bitnami/limesurvey

Severity

  • 5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Affected ranges

Type
SEMVER
Events
Introduced
3.21.1
Fixed
3.21.2