CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-24506

Cross Site Scripting (XSS) vulnerability in Lime Survey Community Edition Version v.5.3.32+220817, allows remote attackers to execute arbitrary code via the Administrator email address parameter in the General Setting function.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 58.1%

CVSS Severity

CVSS v3 Score 6.1

References

https://bugs.limesurvey.org/bug_relationship_graph.php?bug_id=19364&graph=relation
https://www.exploit-db.com/exploits/51926
https://bugs.limesurvey.org/bug_relationship_graph.php?bug_id=19364&graph=relation
https://www.exploit-db.com/exploits/51926

Products affected by CVE-2024-24506

Limesurvey » Limesurvey » Version: 5.3.32

cpe:2.3:a:limesurvey:limesurvey:5.3.32

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-24506

Products

Pricing

Contact Us