Niklas Deutschmann

**Name of the Vulnerable Software and Affected Versions** Mod survey versions 3.0.x through 3.0.15 and versions 3.2.x through 3.1.x **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via certain survey fields or error messages for malformed query strings. **Recommendations** For Mod survey versions 3.0.x through 3.0.15, update to version 3.0.16-pre2 or later. For Mod survey versions 3.2.x through 3.1.x, update to version 3.2.0-pre4 or later.