Expresstech: >> Quiz And Survey Master >> 7.3.5 Security Vulnerabilities
Cross-site request forgery (CSRF) vulnerability in Quiz And Survey Master versions prior to 7.3.7 allows a remote attacker to hijack the authentication of administrators and conduct arbitrary operations via a specially crafted web page.
CVSS Score
8.8
EPSS Score
0.002
Published
2022-01-17
Reflected cross-site scripting vulnerability in Quiz And Survey Master versions prior to 7.3.7 allows a remote attacker to inject an arbitrary script via unspecified vectors.
CVSS Score
6.1
EPSS Score
0.007
Published
2022-01-17
Stored cross-site scripting vulnerability in Quiz And Survey Master versions prior to 7.3.7 allows a remote authenticated attacker to inject an arbitrary script via an website that uses Quiz And Survey Master.
CVSS Score
5.4
EPSS Score
0.005
Published
2022-01-17
Page 3