Description
Limesurvey before 3.17.14 does not enforce SSL/TLS usage in the default configuration.
Remediation
References
Related Vulnerabilities
WordPress Plugin Thumbnail carousel slider Arbitrary File Upload (1.0)
Apache HTTP Server Improper Input Validation Vulnerability (CVE-2015-0228)
WordPress Plugin NextGEN Gallery-WordPress Gallery Directory Traversal (2.1.9)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-0724)