CVE-2024-35050
8.8HIGHAn issue in SurveyKing v1.3.1 allows attackers to escalate privileges via re-using the session ID of a user that was deleted by an Admin.
Published: 5/14/2024Updated: 4/23/2025
Description
An issue in SurveyKing v1.3.1 allows attackers to escalate privileges via re-using the session ID of a user that was deleted by an Admin.
AI AnalysisPowered by AI
Affected Products
surveykingsurveyking
1.3.1
References
- https://github.com/javahuang/SurveyKing/issues/57ExploitIssue TrackingThird Party Advisory
- https://github.com/javahuang/SurveyKing/issues/57ExploitIssue TrackingThird Party Advisory