CVE-2020-25797

Published: 2020-12-31T18:15Z

Last Modified: 2024-11-21T05:18Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

LimeSurvey 3.21.1 is affected by cross-site scripting (XSS) in the Add Participants Function (First and last name parameters). When the survey participant being edited, e.g. by an administrative user, the JavaScript code will be executed in the browser. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt