2019-09-09 20:29:56
mitre
PUBLISHED
A reflected cross-site scripting (XSS) vulnerability was found in Limesurvey before 3.17.14 that allows remote attackers to inject arbitrary web script or HTML via extensions of uploaded files.