Cross-site scripting (XSS) vulnerability in LimeSurvey version 3.15.5 allows for Javascript code execution against LimeSurvey administrators
CVE-2018-20322 · MEDIUM Severity
AV:N/AC:M/AU:N/C:N/I:P/A:N
LimeSurvey version 3.15.5 contains a Cross-site scripting (XSS) vulnerability in Survey Resource zip upload, resulting in Javascript code execution against LimeSurvey administrators. Fixed in version 3.15.6.
Learn more about our Web Application Penetration Testing UK.