Vulnerabilities > Diaowen > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-20 | CVE-2020-20070 | Cross-site Scripting vulnerability in Diaowen Dwsurvey 1.0 Cross Site Scripting vulnerability found in wkeyuan DWSurvey 1.0 allows a remote attacker to execute arbitrary code via thequltemld parameter of the qu-multi-fillblank!answers.action file. | 6.1 |
| 2019-08-16 | CVE-2019-15095 | Cross-site Scripting vulnerability in Diaowen Dwsurvey 1.0/20190722/3.2.0 DWSurvey through 2019-07-22 has reflected XSS via the design/qu-multi-fillblank!answers.action surveyId parameter. | 6.1 |
| 2019-08-07 | CVE-2019-14747 | Cross-site Scripting vulnerability in Diaowen Dwsurvey 1.0/20190722/3.2.0 DWSurvey through 2019-07-22 has stored XSS via the design/my-survey-design!copySurvey.action surveyName parameter. | 6.1 |