Description
LimeSurvey before 2.72.4 has Stored XSS by using the Continue Later (aka Resume later) feature to enter an email address, which is mishandled in the admin panel.
Remediation
References
Related Vulnerabilities
Oracle JRE CVE-2020-2590 Vulnerability (CVE-2020-2590)
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-3050)
Django Incorrect Default Permissions Vulnerability (CVE-2020-24583)
OpenSSL Improper Input Validation Vulnerability (CVE-2016-6305)
WordPress Plugin Download Plugin Unspecified Vulnerability (1.6.1)