{"id":"BIT-limesurvey-2020-22607","details":"Cross Site Scripting vulnerabilty in LimeSurvey 4.1.11+200316 via the (1) name and (2) description parameters in application/controllers/admin/PermissiontemplatesController.php.","aliases":["CVE-2020-22607"],"modified":"2025-04-03T14:40:37.652Z","published":"2024-03-06T10:57:08.476Z","database_specific":{"severity":"Medium","cpes":["cpe:2.3:a:limesurvey:limesurvey:4.1.11\\+200316:*:*:*:*:*:*:*","cpe:2.3:a:limesurvey:limesurvey:*:*:*:*:*:*:*:*"]},"references":[{"type":"WEB","url":"https://github.com/LimeSurvey/LimeSurvey/commit/2aada33c76efbbc35d33c149ac02b1dc16a81f62"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-22607"}],"affected":[{"package":{"name":"limesurvey","ecosystem":"Bitnami","purl":"pkg:bitnami/limesurvey"},"ranges":[{"type":"SEMVER","events":[{"introduced":"4.1.11"},{"fixed":"4.1.12"}]}],"database_specific":{"source":"https://github.com/bitnami/vulndb/tree/main/data/limesurvey/BIT-limesurvey-2020-22607.json"},"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}],"schema_version":"1.7.3"}