← back
CVE-2011-5256

CVE-2011-5256

EPSS 0.9%
Cross-site scripting (XSS) vulnerability in the tooltips in LimeSurvey before 1.91+ Build 11379-20111116, when viewing survey results, allows remote attackers to inject arbitrary web script or HTML via unknown parameters.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://limesurvey.svn.sourceforge.net/viewvc/limesurvey/source/limesurvey/docs/release_notes.txt?view=markuphttp://secunia.com/advisories/46831