CVE-2024-28710

Cross Site Scripting vulnerability in LimeSurvey before 6.5.0+240319 allows a remote attacker to execute arbitrary code via a lack of input validation and output encoding in the Alert Widget's message component. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt