CVE-2024-28635 – SurveyJS Survey Creator 1.9.132 Cross Site Scripting

https://notcve.org/view.php?id=CVE-2024-28635

19 Mar 2024 — Cross Site Scripting (XSS) vulnerability in SurveyJS Survey Creator v.1.9.132 and before, allows attackers to execute arbitrary code and obtain sensitive information via the title parameter in form. Vulnerabilidad de Cross Site Scripting (XSS) en SurveyJS Survey Creator v.1.9.132 y anteriores, permite a los atacantes ejecutar código arbitrario y obtener información confidencial a través del parámetro de título en el formulario. SurveyJS Survey Creator versions 1.9.132 and below suffer from both reflective a... • https://packetstorm.news/files/id/177658 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •