2 matches found
LimeSurvey < 3.17.14 Multiple Vulnerabilities
LimeSurvey is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2019-16187
LimeSurvey prior to 3.17.14 is affected. The root cause is an anti‑CSRF cookie that is not HttpOnly, allowing client‑side scripts to access the cookie value. This can lead to exposure of cookie data and constitutes a high-risk issue per CVSS2/3.1 metrics (base scores 5.0/7.5 respectively). The ad...