CVE-2022-0182

Description

Stored cross-site scripting vulnerability in Quiz And Survey Master versions prior to 7.3.7 allows a remote authenticated attacker to inject an arbitrary script via an website that uses Quiz And Survey Master.

Affected products

• expresstech / Quiz And Survey Masterversions prior to 7.3.7 – versions prior to 7.3.7

References

• MISChttps://quizandsurveymaster.com/
• MISChttps://wordpress.org/plugins/quiz-master-next/
• MISChttps://jvn.jp/en/jp/JVN72788165/index.html