mirror of
https://github.com/0xMarcio/cve.git
synced 2026-02-12 22:53:11 +00:00
758 B
758 B
CVE-2021-42112
Description
The "File upload question" functionality in LimeSurvey 3.x-LTS through 3.27.18 allows XSS in assets/scripts/modaldialog.js and assets/scripts/uploader.js.
POC
Reference
- https://www.on-x.com/sites/default/files/on-x_-security_advisory-limesurvey-_cve-2021-42112.pdf