Description
LimeSurvey before v3.17.14 allows reflected XSS for escalating privileges from a low-privileged account to, for example, SuperAdmin. This occurs in application/core/Survey_Common_Action.php,
Remediation
References
Related Vulnerabilities
MySQL CVE-2013-5860 Vulnerability (CVE-2013-5860)
WordPress Plugin Custom Sidebars-Dynamic Widget Area Manager Multiple Vulnerabilities (3.0.8)
Moodle DEPRECATED: Code Vulnerability (CVE-2015-2270)
Microsoft SQL Server Other Vulnerability (CVE-2001-0879)
PHP Integer Overflow or Wraparound Vulnerability (CVE-2016-5095)