Vulnerabilities > Limesurvey > Limesurvey > 5.4.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-18 | CVE-2023-44796 | Cross-site Scripting vulnerability in Limesurvey Cross Site Scripting (XSS) vulnerability in LimeSurvey before version 6.2.9-230925 allows a remote attacker to escalate privileges via a crafted script to the _generaloptions_panel.php component. | 5.4 |
2022-11-15 | CVE-2022-43279 | SQL Injection vulnerability in Limesurvey 5.4.4 LimeSurvey v5.4.4 was discovered to contain a SQL injection vulnerability via the component /application/views/themeOptions/update.php. | 7.2 |