Vulnerability history
2 present
3 patched
Authenticated (Contributor+) Stored CrossSite Scripting via id Parameter vulnerability
6.5
2 May, 2025
Broken Access Control vulnerability
5.3
4 April, 2025
Cross Site Scripting (XSS) vulnerability
6.5
4 April, 2025
Missing Authorization to Authenticated (Subscriber+) Arbitrary File Deletion via SurveyJS_DeleteFile vulnerability
8.8
28 February, 2025
Arbitrary File Upload vulnerability
9.9
24 October, 2024
