Cross Site Scripting (XSS) Vulnerability in LimeSurvey 3.0.0-beta.3+17110 Boxes

Cross Site Scripting (XSS) Vulnerability in LimeSurvey 3.0.0-beta.3+17110 Boxes

CVE-2018-1000513 · LOW Severity

AV:N/AC:M/AU:S/C:N/I:P/A:N

LimeSurvey version 3.0.0-beta.3+17110 contains a Cross Site Scripting (XSS) vulnerability in Boxes that can result in JS code execution against LimeSurvey admins. This vulnerability appears to have been fixed in 3.6.x.

Learn more about our Web Application Penetration Testing UK.