Password Disclosure Vulnerability in Data Illusion Survey Software Solutions NGSurvey v2.4.28 and below

Password Disclosure Vulnerability in Data Illusion Survey Software Solutions NGSurvey v2.4.28 and below

CVE-2022-46484 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Information disclosure in password protected surveys in Data Illusion Survey Software Solutions NGSurvey v2.4.28 and below allows attackers to view the password to access and arbitrarily submit surveys.

Learn more about our Web Application Penetration Testing UK.