Description

LimeSurvey v5.4.4 was discovered to contain a SQL injection vulnerability via the component /application/views/themeOptions/update.php.

Remediation

References

CVE-2022-43279

Related Vulnerabilities

WordPress Plugin bodi0`s Easy cache Cross-Site Scripting (0.8)

WordPress Plugin Caret Country Access Limit Cross-Site Scripting (1.0.1)

WordPress Plugin Media Mirror Cross-Site Scripting (1.0.6)

CubeCart Permissions, Privileges, and Access Controls Vulnerability (CVE-2009-3904)

Joomla Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2010-1433)

Severity

High

Classification

CVE-2022-43279 CWE-138 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities