← All advisories

Medium severity6.1OSV Advisory· Published May 18, 2024· Updated Apr 15, 2026

CVE-2024-36043

CVE-2024-36043

Description

question_image.ts in SurveyJS Form Library before 1.10.4 allows contentMode=youtube XSS via the imageLink property.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Surveyjs/Survey LibraryOSV
Range: 0.10.0, 0.10.1, 0.10.2, …
Surveyjs/Form Libraryllm-create
Range: <1.10.4

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.