LimeSurvey Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2020-36993

LimeSurvey 4.3.10 contains a stored cross-site scripting vulnerability in the Survey Menu functionality of the administration panel. Attackers can inject malicious SVG scripts through the Surveymenutitle and Surveymenuparent_id parameters to execute arbitrary JavaScript in administrative contexts.