Limesurvey · Limesurvey · CVE-2018-16397
**Name of the Vulnerable Software and Affected Versions**
LimeSurvey versions prior to 3.14.7
**Description**
The issue allows an admin user to read an arbitrary file by leveraging a "file upload" question.
**Recommendations**
For versions prior to 3.14.7, update to version 3.14.7 or later to resolve the issue.