Vulnerabilities > Limesurvey > Limesurvey > 5.2.2

DATE CVE VULNERABILITY TITLE RISK
2023-11-18 CVE-2023-44796 Cross-site Scripting vulnerability in Limesurvey
Cross Site Scripting (XSS) vulnerability in LimeSurvey before version 6.2.9-230925 allows a remote attacker to escalate privileges via a crafted script to the _generaloptions_panel.php component.
network
low complexity
limesurvey CWE-79
5.4
2022-05-25 CVE-2022-29710 Cross-site Scripting vulnerability in Limesurvey
A cross-site scripting (XSS) vulnerability in uploadConfirm.php of LimeSurvey v5.3.9 and below allows attackers to execute arbitrary web scripts or HTML via a crafted plugin.
network
limesurvey CWE-79
4.3