CVE-2024-42902

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-42902
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-42902.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-42902
Aliases
Published
2024-09-03T18:15:08.583Z
Modified
2026-04-10T05:16:12.776847Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

An issue in the jslocalize.php function of LimeSurvey v6.6.2 and before allows attackers to execute arbitrary code via injecting a crafted payload into the lng parameter of the jslocalize.php function

References

Affected packages

Git / github.com/limesurvey/limesurvey

Affected ranges

Type
GIT
Repo
https://github.com/limesurvey/limesurvey
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
6e875ef208606d963208b1fde4e99d875a73d73b
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "6.6.2"
        }
    ]
}

Affected versions

1.*
1.45a
1.45a_2007-02-24
1.50_2007-08-06
1.70_2008-02-25
1.70_plus_2008-03-09
1.70_plus_2008-03-16
1.70_plus_2008-03-17
1.70_plus_2008-03-30
1.70_plus_2008-04-07
1.70_plus_2008-04-14
1.70_plus_2008-04-21
1.70_plus_2008-04-28
1.70_plus_2008-05-05
1.70_plus_2008-05-12
1.70_plus_2008-05-19
1.70_plus_2008-05-21
1.70_plus_2008-05-26
1.71_plus_2008-06-12
1.71_plus_2008-06-17
1.71_plus_2008-06-30
1.71_plus_2008-07-07
1.71_plus_2008-07-15
1.71_plus_2008-07-30
1.71_plus_2008-08-05
1.71_plus_2008-08-15
1.71_plus_2008-08-27
1.71_plus_2008-09-01
1.71_plus_2008-09-08
1.71_plus_2008-09-15
1.71_plus_2008-09-22
1.71_plus_2008-09-29
1.72_2008-10-07
1.80_2009-03-09
1.80_plus_2009-03-23
1.80_plus_2009-03-30
1.80_plus_2009-04-06
1.81_2009-04-10
1.81_plus_2009-04-16
1.81_plus_2009-04-20
1.82_2009-04-29
1.82_plus_2009-05-04
1.82_plus_2009-05-11
1.85_2009-06-15
1.85_plus_2009-06-22
1.85_plus_2009-06-29
1.85_plus_2009-07-08
1.85_plus_2009-07-20
1.85_plus_2009-08-03
1.85_plus_2009-08-10
1.85_plus_2009-08-12
1.85_plus_2009-08-19
1.85_plus_2009-08-24
1.85_plus_2009-08-31
1.85_plus_2009-09-07
1.85_plus_2009-09-15
1.85_plus_2009-09-21
1.85_plus_2009-09-28
1.86_2009-09-30
1.87_2009-12-29
1.87_plus_2010-01-05
1.87_plus_2010-01-12
1.87_plus_2010-01-19
1.87_plus_2010-01-26
1.87_plus_2010-02-02
1.87_plus_2010-02-09
1.87_plus_2010-02-11
1.87_plus_2010-02-16
1.87_plus_2010-02-23
1.87_plus_2010-03-02
1.87_plus_2010-03-09
1.87_plus_2010-03-18
1.87_plus_2010-03-23
1.90_plus_2010-08-10
1.90_plus_2010-08-17
1.90_plus_2010-08-24
1.90_plus_2010-09-07
1.90_plus_2010-09-14
1.90_plus_2010-09-29
1.90_plus_2010-10-05
1.90_plus_2010-10-12
1.90_plus_2010-10-13
1.90_plus_2010-10-19
1.90_plus_2010-10-20
1.90_plus_2010-10-23
1.90_plus_2010-10-26
1.90_plus_2010-11-03
1.90_plus_2010-11-09
1.90_plus_2010-11-16
1.90_plus_2010-11-23
1.90_plus_2010-11-30
1.90_plus_2010-12-07
1.90_plus_2010-12-14
1.90_plus_2011-01-25
1.91RC3
1.91_2011-05-03
1.91_plus_10232
1.91_plus_10315
1.91_plus_2011-05-10
1.91_plus_2011-05-12
1.91_plus_2011-05-17
1.91_plus_2011-05-25
1.91_plus_2011-06-01
1.91_plus_2011-06-05
1.91_plus_2011-06-08
1.91_plus_2011-06-15
1.91_plus_2011-06-21
1.91_plus_2011-06-29
1.91_plus_2011-07-08
1.91_plus_2011-07-11
1.91_plus_2011-07-12
1.91_plus_2011-07-22
1.91_plus_2011-07-28
1.91_plus_2011-08-03
1.91_plus_2011-08-05
1.91_plus_2011-08-10
1.91_plus_2011-08-11
1.91_plus_2011-08-16
1.91_plus_2011-08-26
1.91_plus_2011-09-06
1.91_plus_2011-09-20
1.91_plus_2011-09-21
1.91_plus_2011-10-05
1.91_plus_2011-10-14
1.91_plus_2011-10-20
1.91_plus_2011-10-21
1.91_plus_2011-11-08
1.91_plus_2011-11-16
1.91_plus_2011-12-30
1.91_plus_2012-01-23
1.92_plus_120319
1.92_plus_120323
1.92_plus_120330
1.92_plus_120405
1.92_plus_120501
1.92_plus_120509
1.92_plus_120516
1.92_plus_120517
1.92_plus_120607
1.92_plus_120608
1.92_plus_120613
1.92_plus_120620
1.92_plus_120718
1.92_plus_120725
1.92_plus_120815
1.92_plus_120822
1.92_plus_120909
1.92_plus_120919
2.*
2.00_120920
2.00_120926
2.00_plus_120924
2.00_plus_120926
2.00_plus_120930
2.00_plus_120931
2.00_plus_121005
2.00_plus_121006
2.00_plus_121009
2.00_plus_121011
2.00_plus_121013
2.00_plus_121014
2.00_plus_121016
2.00_plus_121017
2.00_plus_121019
2.00_plus_121024
2.00_plus_121025
2.00_plus_121101
2.00_plus_121102
2.00_plus_121104
2.00_plus_121106
2.00_plus_121113
2.00_plus_121115
2.00_plus_121116
2.00_plus_121117
2.00_plus_121120
2.00_plus_121121
2.00_plus_121127
2.00_plus_121207
2.00_plus_121208
2.00_plus_121209
2.00_plus_121211
2.00_plus_121213
2.00_plus_121220
2.00_plus_121231
2.00_plus_130103
2.00_plus_130108
2.00_plus_130110
2.00_plus_130115
2.00_plus_130116
2.00_plus_130122
2.00_plus_130206
2.00_plus_130213
2.00_plus_130219
2.00_plus_130226
2.00_plus_130305
2.00_plus_130311
2.00_plus_130317
2.00_plus_130325
2.00_plus_130406
2.00_plus_130423
2.00_plus_130428
2.00_plus_130513
2.00_plus_130514
2.00_plus_130611
2.00_plus_130708
2.00_plus_130802
2.00_plus_130913
2.00_plus_130923
2.00_plus_130929
2.00_plus_131009
2.00_plus_131022
2.00_plus_131031
2.00_plus_131107
2.00_plus_131122
2.00_plus_131202
2.00_plus_131206
2.05_131209
2.05_plus_131219
2.05_plus_140109
2.05_plus_140116
2.05_plus_140125
2.05_plus_140131
2.05_plus_140204
2.05_plus_140212
2.05_plus_140216
2.05_plus_140217
2.05_plus_140226
2.05_plus_140317
2.05_plus_140320
2.05_plus_140404
2.05_plus_140414
2.05_plus_140422
2.05_plus_140502
2.05_plus_140520
2.05_plus_140611
2.05_plus_140612
2.05_plus_140618
2.05_plus_140703
2.05_plus_140717
2.05_plus_140730
2.05_plus_140811
2.05_plus_140902
2.05_plus_140911
2.05_plus_140915
2.05_plus_141003
2.05_plus_141020
2.05_plus_141109
2.05_plus_141110
2.05_plus_141113
2.05_plus_141123
2.05_plus_141126
2.05_plus_141210
2.05_plus_141229
2.05_plus_150310
2.05_plus_150413
2.05_plus_150508
2.05_plus_150520
2.06_plus_150619
2.06_plus_150629
2.06_plus_150723
2.06_plus_150731
2.06_plus_150812
2.06_plus_150825
2.06_plus_150911
2.06_plus_150930
2.06_plus_151014
2.06_plus_151016
2.06_plus_151018
2.06_plus_151109
2.06_plus_151126
2.06_plus_151205
2.06_plus_151215
2.06_plus_160121
2.06_plus_160123
2.06_plus_160129
2.50_plus_160202
2.50_plus_160204
2.50_plus_160210
2.50_plus_160212
2.50_plus_160213
2.50_plus_160215
2.50_plus_160216
2.50_plus_160217
2.50_plus_160218
2.50_plus_160222
2.50_plus_160310
2.50_plus_160311
2.50_plus_160314
2.50_plus_160323
2.50_plus_160330
2.50_plus_160404
2.50_plus_160407
2.50_plus_160412
2.50_plus_160413
2.50_plus_160414
2.50_plus_160415
2.50_plus_160418
2.50_plus_160421
2.50_plus_160426
2.50_plus_160428
2.50_plus_160506
2.50_plus_160512
2.50_plus_160516
2.50_plus_160517
2.50_plus_160523
2.50_plus_160525
2.50_plus_160526
2.50_plus_160529
2.50_plus_160602
2.50_plus_160603
2.50_plus_160606
2.50_plus_160613
2.50_plus_160616
2.50_plus_160620
2.50_plus_160714
2.50_plus_160715
2.50_plus_160718
2.50_plus_160726
2.50_plus_160727
2.50_plus_160728
2.50_plus_160731
2.51.1_160901
2.51.2_160906
2.51.3_160907
2.51.4+160908
2.51.4_160908
2.52+160929
2.54+161007
2.54.1+161010
2.54.2+161012
2.54.3+161014
2.54.4+161018
2.55+161021
2.55.1+161026
2.55.2+161103
2.55.3+161111
2.56+161117
2.56.1+161118
2.57.0+161202
2.57.1+161205
2.58.0+170104
2.58.1+170113
2.58.2+170114
2.59.0+170115
2.59.1+170116
2.62.0+170124
2.62.1+170130
2.62.2+170203
2.63.1+170305
2.64.0+170307
2.64.1+170310
2.64.2+170324
2.64.3+170327
2.64.4+170330
2.64.5+170331
2.64.6+170332
2.64.7+170404
2.65.0+170502
2.65.0+170522
2.65.1+170522
2.65.2+170606
2.65.4+170612
2.66.6+170619
2.67.0+170622
2.67.1+170626
2.67.2+170719
2.67.2+170728
2.67.3+170728
2.71.0+170925
2.71.1+170927
2.72.0+171010
2.72.2+171017
2.72.3+171020
2.72.4+171110
2.72.5+171121
2.72.6+171207
2.73.0+171219
2.91_plus_10315
3.*
3.0.0+171222
3.0.2+180110
3.0.3+180112
3.0.4+180116
3.0.5+180118
3.1.0
3.1.1+180130
3.10.0+180611
3.11.0+180612
3.12.0+180615
3.12.1+180616
3.12.2+180625
3.12.3+180627
3.13.0+180628
3.13.1+180629
3.13.2+180709
3.14.0+180730
3.14.1+180731
3.14.10+180924
3.14.10+180926
3.14.11+180926
3.14.2+180807
3.14.4+180810
3.14.5+180815
3.14.6+180821
3.14.7+180827
3.14.8+180829
3.14.9+180917
3.15.0+181008
3.15.1+181017
3.15.2+181107
3.15.3+181108
3.15.4+181109
3.15.5+181115
3.15.6+190108
3.15.7+190124
3.15.8+190130
3.15.9+190214
3.16.1+190225
3.16.1+190314
3.17.0+190402
3.17.1+190408
3.17.10+190821
3.17.11+190822
3.17.12+190823
3.17.13+190824
3.17.14+190902
3.17.15+190903
3.17.16+190906
3.17.3+190429
3.17.4+190529
3.17.5+190604
3.17.7+190627
3.19.0+191008
3.19.1+191009
3.19.2+191017
3.19.3+191023
3.2.0+180206
3.2.1+180207
3.20.0+191112
3.20.1+191114
3.20.2+191119
3.21.0+191203
3.21.1+191210
3.21.2+191216
3.21.3+191219
3.21.4+200108
3.21.5+200115
3.3.0+180209
3.3.1
3.4.0+180219
3.4.1+180221
3.4.2+180223
3.4.3+180227
3.4.4+180305
3.5.0+180309
3.5.1+180312
3.5.2+180315
3.5.3+180316
3.5.4+180320
3.6.0+180328
3.6.1+180329
3.6.2+180406
3.6.3+180416
3.7.0+180418
3.7.1+180424
3.7.2+180508
3.7.3+180516
3.8.0+180522
3.8.1+180524
3.8.2+180529
3.9.0+180604
4.*
4.0.0+200116
4.0.1+200120
4.1.0+200128
4.1.1+200203
4.1.2+200210
4.1.3+200213
4.1.4+200214
4.1.5+200217
4.1.7+200224
4.1.8+200302
4.4.0-RC2+210104
6.*
6.4.0+231218
6.4.1+240108
6.4.10+240228
6.4.11+240304
6.4.12+240311
6.4.2+240115
6.4.3+240122
6.4.4+240130
6.4.5+240205
6.4.6+240212
6.4.7+240219
6.4.8+240221
6.4.9+240226
6.5.0+240319
6.5.1+240320
6.5.10+240603
6.5.11+240605
6.5.12+240611
6.5.13+240617
6.5.14+240624
6.5.15+240701
6.5.16+240708
6.5.17+240715
6.5.18+240723
6.5.2+240402
6.5.3+240415
6.5.4+240422
6.5.5+240429
6.5.6+240506
6.5.7+240515
6.5.8+240517
6.5.9+240521
6.6.0+240729
6.6.1+240806
6.6.2+240827

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-42902.json"