Description
Cross-site scripting (XSS) vulnerability in admin/userrighthandling.php in LimeSurvey before 1.91+ Build 120224 allows remote attackers to inject arbitrary web script or HTML via the full_name parameter in a moduser action to admin/admin.php. NOTE: some of these details are obtained from third party information.
Remediation
References
Related Vulnerabilities
Apache Traffic Server Uncontrolled Resource Consumption Vulnerability (CVE-2020-9481)
WordPress Plugin AVK-Shop Multiple Cross-Site Scripting Vulnerabilities (1.1.1)
WordPress Plugin Rate my Post-WP Rating System Multiple Vulnerabilities (3.3.4)
WordPress Plugin Mikiurl WordPress Eklentisi Cross-Site Request Forgery (2.0)