Vulnerability feed

Vulnerability

CVE-2019-16172

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2019-16172
Description:: LimeSurvey before v3.17.14 allows stored XSS for escalating privileges from a low-privileged account to, for example, SuperAdmin. The attack uses a survey group in which the title contains JavaScript that is mishandled upon group deletion.
Last updated date:: 02/13/2023

Type:: exploit
Confidence:: HIGH
Date of publishing:: 02/13/2023
Reference url to background: http://packetstormsecurity.com/files/154479/LimeSurvey-3.17.13-Cross-Site-Scripting.html

Type:: exploit
Confidence:: HIGH
Date of publishing:: 02/13/2023
Reference url to background: http://seclists.org/fulldisclosure/2019/Sep/22

Type:: exploit
Confidence:: HIGH
Date of publishing:: 02/13/2023
Reference url to background: https://seclists.org/bugtraq/2019/Sep/27

Type:: exploit
Confidence:: HIGH
Date of publishing:: 10/05/2024
Reference url to background: https://github.com/TrixSec/CVE-2019-16172

Vulnerability Feed Contributors About Blog

@inTheWild

©2024 |