Vulnerability DatabaseWS-2023-0410
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
WS-2023-0410
Published:May 15, 2026
Updated:May 15, 2026
Store XSS in Survey menus in limesurvey/limesurvey
Affected Packages
limesurvey/limesurvey (PHP):
Affected version(s) =dev-tests-lchtest <dev-travis-apt
Fix Suggestion:
Update to version dev-travis-apt
limesurvey/limesurvey (PHP):
Affected version(s) =dev-develop-innodb <dev-display-import-errors-master
Fix Suggestion:
Update to version dev-display-import-errors-master
limesurvey/limesurvey (PHP):
Affected version(s) =dev-global-settings <dev-inject-questionattributes
Fix Suggestion:
Update to version dev-inject-questionattributes
limesurvey/limesurvey (PHP):
Affected version(s) =2018012401.x-dev <dev-activator
Fix Suggestion:
Update to version dev-activator
limesurvey/limesurvey (PHP):
Affected version(s) =3.0.0-RC.1 <3.0.0-RC.2+171102
Fix Suggestion:
Update to version 3.0.0-RC.2+171102
limesurvey/limesurvey (PHP):
Affected version(s) =4.0.0-beta <4.0.0+200116
Fix Suggestion:
Update to version 4.0.0+200116
limesurvey/limesurvey (PHP):
Affected version(s) =dev-booleans1 <dev-querybuilder1
Fix Suggestion:
Update to version dev-querybuilder1
limesurvey/limesurvey (PHP):
Affected version(s) >=3.1.0 <3.14.0+180730
Fix Suggestion:
Update to version 3.14.0+180730
limesurvey/limesurvey (PHP):
Affected version(s) =dev-sid-spaces <dev-snyk-upgrade-568d6fdaf6b84a31b10bdc2cfcabbdfd
Fix Suggestion:
Update to version dev-snyk-upgrade-568d6fdaf6b84a31b10bdc2cfcabbdfd
limesurvey/limesurvey (PHP):
Affected version(s) =dev-install-command-rpc <dev-json-data
Fix Suggestion:
Update to version dev-json-data
limesurvey/limesurvey (PHP):
Affected version(s) >=4.0.0-RC2+190723 <4.0.0-RC4+190930
Fix Suggestion:
Update to version 4.0.0-RC4+190930
limesurvey/limesurvey (PHP):
Affected version(s) =dev-master-innodb-fix <dev-model-find
Fix Suggestion:
Update to version dev-model-find
Related Resources (1)
https://github.com/limesurvey/limesurvey/commit/d3fb278e57e5561a62b1e05c619db5b1c5fbef73
Do you need more information?
Contact Us
CVSS v4
Base Score:
5.1
Attack Vector
NETWORK
Attack Complexity
LOW
Attack Requirements
NONE
Privileges Required
HIGH
User Interaction
NONE
Vulnerable System Confidentiality
LOW
Vulnerable System Integrity
LOW
Vulnerable System Availability
LOW
Subsequent System Confidentiality
LOW
Subsequent System Integrity
LOW
Subsequent System Availability
LOW
CVSS v3
Base Score:
6.6
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality
LOW
Integrity
LOW
Availability
LOW