{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-13T19:20:47.500","vulnerabilities":[{"cve":{"id":"CVE-2018-1000513","sourceIdentifier":"cve@mitre.org","published":"2018-06-26T16:29:01.007","lastModified":"2024-11-21T03:40:05.383","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"LimeSurvey version 3.0.0-beta.3+17110 contains a Cross Site Scripting (XSS) vulnerability in Boxes that can result in JS code execution against LimeSurvey admins. This vulnerability appears to have been fixed in 3.6.x."},{"lang":"es","value":"LimeSurvey, en su versión 3.0.0-beta.3+17110, contiene una vulnerabilidad de Cross Site Scripting (XSS) en Boxes que puede resultar en la ejecución de código JavaScript contra los administradores de LimeSurvey. La vulnerabilidad parece haber sido solucionada en las versiones 3.6.x."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:limesurvey:limesurvey:3.0.0:beta.3\\+17110:*:*:*:*:*:*","matchCriteriaId":"9E803E0B-4CF6-4053-B4F1-3C4E93A6807A"}]}]}],"references":[{"url":"https://bugs.limesurvey.org/view.php?id=13560","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Patch","Vendor Advisory"]},{"url":"https://bugs.limesurvey.org/view.php?id=13560","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Patch","Vendor Advisory"]}]}}]}