PT-2019-14565 · Limesurvey Gmbh · Limesurvey

J. Greil

·

Published

2019-09-09

·

Updated

2019-09-10

·

CVE-2019-16185

CVSS v3.1

7.2

High

VectorAV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Limesurvey versions prior to 3.17.14
Description The issue allows admin users to view, update, or delete reserved menu entries without having the proper permissions.
Recommendations For versions prior to 3.17.14, update to version 3.17.14 or later to resolve the issue.

Fix

Incorrect Default Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-276

Related Identifiers

CVE-2019-16185

Affected Products

Limesurvey