Cross-Site Scripting (XSS) Vulnerability in LimeSurvey 3.21.1 Quota Component

Cross-Site Scripting (XSS) Vulnerability in LimeSurvey 3.21.1 Quota Component

CVE-2020-25799 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

LimeSurvey 3.21.1 is affected by cross-site scripting (XSS) in the Quota component of the Survey page. When the survey quota being viewed, e.g. by an administrative user, the JavaScript code will be executed in the browser.

Learn more about our User Device Pen Test.