Reflected Cross-Site Scripting (XSS) Vulnerability in Limesurvey before 3.17.14

CVE-2019-16182 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

A reflected cross-site scripting (XSS) vulnerability was found in Limesurvey before 3.17.14 that allows remote attackers to inject arbitrary web script or HTML via extensions of uploaded files.

Learn more about our Web App Pen Testing.