Description
Cross Site Scripting (XSS) vulnerability in SurveyJS Survey Creator v.1.9.132 and before, allows attackers to execute arbitrary code and obtain sensitive information via the title parameter in form.
Recommendation
Update the survey-creator package to the latest compatible version. Followings are version details:
- Affected version(s): < 1.9.133
- Patched version(s): 1.9.133
References
Related Issues
- Summernote vulnerable to cross-site scripting - CVE-2024-29504
- Bootstrap Cross-Site Scripting (XSS) vulnerability for data-* attributes - CVE-2024-6485
- nuxt vulnerable to Cross-site Scripting in navigateTo if used after SSR - CVE-2024-34343
- vue-i18n has cross-site scripting vulnerability with prototype pollution - CVE-2024-52809
You might also like:
- Tags:
- npm
- survey-creator
Anything's wrong? Let us know Last updated on March 21, 2024


