Description
Cross Site Scripting (XSS) vulnerability in LimeSurvey before version 6.2.9-230925 allows a remote attacker to escalate privileges via a crafted script to the _generaloptions_panel.php component.
Remediation
References
Related Vulnerabilities
Drupal Core 9.0.x Security Bypass (9.0.0 - 9.0.5)
Mailman Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2006-4624)
WordPress Plugin NewStatPress Cross-Site Scripting (1.0.3)
WordPress Plugin Testimonial Rotator Cross-Site Scripting (3.0.2)
Ruby Resource Management Errors Vulnerability (CVE-2014-2734)