Description
LimeSurvey version 3.15.5 contains a Cross-site scripting (XSS) vulnerability in Survey Resource zip upload, resulting in Javascript code execution against LimeSurvey administrators. Fixed in version 3.15.6.
Remediation
References
Related Vulnerabilities
MySQL CVE-2013-0386 Vulnerability (CVE-2013-0386)
WordPress Plugin MM Duplicate 'index.php' SQL Injection (1.2)
WordPress Plugin Lingotek Translation Multiple Cross-Site Scripting Vulnerabilities (1.1.8)
WordPress Plugin DFD Reddcoin Tips Cross-Site Scripting (1.1.1)
WordPress Same Origin Method Execution (SOME) Vulnerability (0.70 - 3.7.13)