Unrated severityOSV Advisory· Published Dec 21, 2018· Updated Aug 5, 2024
CVE-2018-20322
CVE-2018-20322
Description
LimeSurvey version 3.15.5 contains a Cross-site scripting (XSS) vulnerability in Survey Resource zip upload, resulting in Javascript code execution against LimeSurvey administrators. Fixed in version 3.15.6.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
21.45a, 1.45a_2007-02-24, 1.50_2007-08-06, …+ 1 more
- (no CPE)range: 1.45a, 1.45a_2007-02-24, 1.50_2007-08-06, …
- (no CPE)range: <3.15.6
Patches
Vulnerability mechanics
References
2- bugs.limesurvey.org/view.phpmitrex_refsource_MISC
- github.com/LimeSurvey/LimeSurvey/commit/bfee69edaa0b90f97dc2d8fab09a87958cb32405mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.