First published: Mon Jun 28 2021(Updated: )
Cross Site Scripting vulnerabilty in LimeSurvey 4.1.11+200316 via the (1) name and (2) description parameters in application/controllers/admin/PermissiontemplatesController.php.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Limesurvey Limesurvey | =4.1.11\+200316 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-22607 is a Cross Site Scripting vulnerability in LimeSurvey 4.1.11+200316.
CVE-2020-22607 allows an attacker to execute malicious scripts on the affected LimeSurvey instance, potentially leading to unauthorized actions.
The severity of CVE-2020-22607 is medium, with a CVSS score of 6.1.
To fix CVE-2020-22607, users should update their LimeSurvey installation to version 4.1.11+200316 or later, as it contains the fix for this vulnerability.
You can find more information about CVE-2020-22607 at the following URL: https://github.com/LimeSurvey/LimeSurvey/commit/2aada33c76efbbc35d33c149ac02b1dc16a81f62