Authenticated (Contributor+) Stored CrossSite Scripting via id Parameter vulnerability
2 May, 2025
Broken Access Control vulnerability
4 April, 2025
Cross Site Scripting (XSS) vulnerability
4 April, 2025
Missing Authorization to Authenticated (Subscriber+) Arbitrary File Deletion via SurveyJS_DeleteFile vulnerability
28 February, 2025
Arbitrary File Upload vulnerability
24 October, 2024