Vulnerabilities

CVE-2020-25797

by Fred · 31/12/2020

LimeSurvey 3.21.1 is affected by cross-site scripting (XSS) in the Add Participants Function (First and last name parameters). When the survey participant being edited, e.g. by an administrative user, the JavaScript code will be executed in the browser.

Date published : 2020-12-31

https://bugs.limesurvey.org/view.php?id=15680

https://github.com/LimeSurvey/LimeSurvey/commit/0a7bdfa1c166f734d11a1528c8d9a7d61b670ad7

Similar

Tags: Cybersecurity Alert