mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-06 02:31:38 +00:00
676 B
676 B
CVE-2021-42112
Description
The "File upload question" functionality in LimeSurvey 3.x-LTS through 3.27.18 allows XSS in assets/scripts/modaldialog.js and assets/scripts/uploader.js.
POC
Reference
- https://www.on-x.com/sites/default/files/on-x_-security_advisory-limesurvey-_cve-2021-42112.pdf
Github
No PoCs found on GitHub currently.