Bitnami package
limesurvey
pkg:bitnami/limesurvey
Vulnerabilities (23)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-16192 | — | >= 4.3.2, < 4.3.3 | 4.3.3 | Aug 5, 2020 | LimeSurvey 4.3.2 allows reflected XSS because application/controllers/LSBaseController.php lacks code to validate parameters. | ||
| CVE-2020-11455 | — | < 4.1.12 | 4.1.12 | Apr 1, 2020 | LimeSurvey before 4.1.12+200324 contains a path traversal vulnerability in application/controllers/admin/LimeSurveyFileManager.php. | ||
| CVE-2020-11456 | — | < 4.1.12 | 4.1.12 | Apr 1, 2020 | LimeSurvey before 4.1.12+200324 has stored XSS in application/views/admin/surveysgroups/surveySettings.php and application/models/SurveysGroups.php (aka survey groups). |
- CVE-2020-16192Aug 5, 2020affected >= 4.3.2, < 4.3.3fixed 4.3.3
LimeSurvey 4.3.2 allows reflected XSS because application/controllers/LSBaseController.php lacks code to validate parameters.
- CVE-2020-11455Apr 1, 2020affected < 4.1.12fixed 4.1.12
LimeSurvey before 4.1.12+200324 contains a path traversal vulnerability in application/controllers/admin/LimeSurveyFileManager.php.
- CVE-2020-11456Apr 1, 2020affected < 4.1.12fixed 4.1.12
LimeSurvey before 4.1.12+200324 has stored XSS in application/views/admin/surveysgroups/surveySettings.php and application/models/SurveysGroups.php (aka survey groups).
Page 2 of 2