View Issue Details

This bug affects 1 person(s).
 4
IDProjectCategoryView StatusLast Update
17028Bug reportsSurvey editingpublic2021-11-19 11:15
ReporterDenisChenu Assigned ToDenisChenu  
PrioritynormalSeverityminor 
Status closedResolutionfixed 
Product Version4.4.0 
Fixed in Version5.x 
Summary17028: Script are not saved
DescriptionEven as super admin : sript on question are not saved
Steps To ReproduceLog in as super admin,
Edit question
Show script,
add `alert("XSS")` in script part
Save and close: no saved
Additional InformationRemind :
- Script must be readonly for some user (XSS+Disable question script)
- User with XSS+Disable question script can not update script (with hacking HTML)
TagsNo tags attached.
Bug heat4
Complete LimeSurvey version number (& build)4.4.0 github
I will donate to the project if issue is resolvedNo
Browsernot relevant
Database type & versionnot relevant
Server OS (if known)not relevant
Webserver software & version (if known)not relevant
PHP Versionnot relevant

Relationships

related to 17027 closedollehar Bug reports Personal settings " Show script field: " to no throw error 
related to 15693 closedDenisChenu Feature requests Allow simple user to update script with XSS enable 
related to 17008 closedDenisChenu Bug reports Bad label and id in Question editor 

Users monitoring this issue

User List There are no users monitoring this issue.

Activities

DenisChenu

DenisChenu

2021-01-29 09:07

developer  

Peek 29-01-2021 09-06.gif (968,196 bytes)
cdorin

cdorin

2021-01-29 09:52

manager   ~61802

Weird. The fix got lost. Thx for report
DenisChenu

DenisChenu

2021-01-29 09:55

developer   ~61803

Last edited: 2021-11-19 11:15

Can you check with dev to merge https://github.com/LimeSurvey/LimeSurvey/pull/1729/files before …

(same place)
DenisChenu

DenisChenu

2021-11-19 11:15

developer   ~67441

Last edited: 2021-11-19 11:15

Script are saved but not « Set for all languages »

Issue History

Date Modified Username Field Change
2021-01-29 09:07 DenisChenu New Issue
2021-01-29 09:07 DenisChenu File Added: Peek 29-01-2021 09-06.gif
2021-01-29 09:07 DenisChenu Relationship added related to 17027
2021-01-29 09:08 DenisChenu Relationship added related to 15693
2021-01-29 09:52 cdorin Note Added: 61802
2021-01-29 09:52 cdorin Priority none => normal
2021-01-29 09:52 cdorin Status new => confirmed
2021-01-29 09:52 cdorin Sync to Zoho Project => |Yes|
2021-01-29 09:55 DenisChenu Note Added: 61803
2021-01-29 09:56 DenisChenu Relationship added related to 17008
2021-11-19 11:15 DenisChenu Assigned To => DenisChenu
2021-11-19 11:15 DenisChenu Status confirmed => closed
2021-11-19 11:15 DenisChenu Resolution open => fixed
2021-11-19 11:15 DenisChenu Fixed in Version => 5.x
2021-11-19 11:15 DenisChenu Note Added: 67441