CVE: Common Vulnerabilities and Exposures

Required CVE Record Information

Description

Cross Site Scripting (XSS) vulnerability in LimeSurvey before version 6.2.9-230925 allows a remote attacker to escalate privileges via a crafted script to the _generaloptions_panel.php component.

Product Status

Learn more

Information not provided

References 4 Total

https://github.com/LimeSurvey/LimeSurvey/pull/3483
external site
https://github.com/limesurvey/limesurvey/commit/135511073c51c332613dd7fad9a8ca0aad34a3fe
external site
https://github.com/Hebing123/CVE-2023-44796/issues/1
external site
https://github.com/Hebing123/cve/issues/4
external site

Updated: 2024-08-02

This container includes required additional information provided by the CVE Program for this vulnerability.

References 4 Total

https://github.com/LimeSurvey/LimeSurvey/pull/3483
external site
x_transferred
https://github.com/limesurvey/limesurvey/commit/135511073c51c332613dd7fad9a8ca0aad34a3fe
external site
x_transferred
https://github.com/Hebing123/CVE-2023-44796/issues/1
external site
x_transferred
https://github.com/Hebing123/cve/issues/4
external site
x_transferred

Common vulnerabilities and Exposures (CVE)

Required CVE Record Information

CNA: MITRE Corporation

Description

Product Status

References 4 Total

CVE Program

References 4 Total