19318: I can stored XSS in limesurvey in latest version - LimeSurvey bugs and feature requests

This bug affects 1 person(s).

252

ID	Project	Category	View Status	Date Submitted	Last Update

19318	Bug reports	Security	public	2023-12-19 16:11	2024-01-09 10:35

Reporter	ngosytuan	Assigned To	DenisChenu
Priority	none	Severity	feature
Status	closed	Resolution	no change required
Product Version	6.3.x

Summary	19318: I can stored XSS in limesurvey in latest version
Description	Stored XSS, also known as persistent XSS, is the more damaging than non-persistent XSS. It occurs when a malicious script is injected directly into a vulnerable web application. Impact The attacker can steal data from whoever view the survey.
Steps To Reproduce	login limesurvey click new survey , fill in Title of the study: "><Script>alert(document.domain)</Script> click new survey to create survey now, you can click survey preview , document.domain XSS will trigger
Tags	No tags attached.
Attached Files	poc1.png (91,528 bytes) poc1.png (91,528 bytes) poc2.png (37,014 bytes) poc2.png (37,014 bytes)

Bug heat	252
Complete LimeSurvey version number (& build)	LimeSurvey Cloud Version 6.3.9
I will donate to the project if issue is resolved	No
Browser
Database type & version	none
Server OS (if known)
Webserver software & version (if known)
PHP Version	none

User List	There are no users monitoring this issue.

DenisChenu 2023-12-19 17:33 developer ~79050	https://manual.limesurvey.org/Global_settings/en#Security Hint: The super admins never have their HTML filtered when saved or on public survey view. To see the effects of XSS filtering, it is advised to use a regular user account. XSS is to gain more right than you already have : but if you already superadmin : you already have all DB account etc … Please : reopen only with a simple user (not superamdin)

DenisChenu 2023-12-19 17:33 developer ~79051	Confirm you use 1st account : we can close it.

DenisChenu 2024-01-09 10:35 developer ~79111	No feedback : superadmin have all permission

Date Modified	Username	Field	Change
2023-12-19 16:11	ngosytuan	New Issue
2023-12-19 16:11	ngosytuan	File Added: poc1.png
2023-12-19 16:11	ngosytuan	File Added: poc2.png
2023-12-19 17:33	DenisChenu	Note Added: 79050
2023-12-19 17:33	DenisChenu	Bug heat	6 => 8
2023-12-19 17:33	DenisChenu	Assigned To	=> DenisChenu
2023-12-19 17:33	DenisChenu	Status	new => feedback
2023-12-19 17:33	DenisChenu	Note Added: 79051
2023-12-19 17:33	DenisChenu	Category	LimeSurvey Website => Security
2023-12-19 17:33	DenisChenu	View Status	private => public
2023-12-19 17:33	DenisChenu	Bug heat	8 => 252
2024-01-09 10:35	DenisChenu	Status	feedback => closed
2024-01-09 10:35	DenisChenu	Resolution	open => no change required
2024-01-09 10:35	DenisChenu	Note Added: 79111