Description
LimeSurvey version 3.15.5 contains a Cross-site scripting (XSS) vulnerability in Survey Resource zip upload, resulting in Javascript code execution against LimeSurvey administrators. Fixed in version 3.15.6.
Remediation
References
Related Vulnerabilities
WordPress Plugin MediaElement.js-HTML5 Video & Audio Player Cross-Site Scripting (4.2.8)
Caddy Web Server Uncontrolled Resource Consumption Vulnerability (CVE-2023-44487)
WordPress Plugin Woody ad snippets-Insert Header Footer Code, AdSense Ads Security Bypass (2.2.5)
Oracle Database Server CVE-2006-5337 Vulnerability (CVE-2006-5337)