Description Limesurvey before 3.17.10 does not validate both the MIME type and file extension of an image. Remediation References CVE-2019-15640 Related Vulnerabilities Plone CMS Other Vulnerability (CVE-2006-4249) Python Numeric Errors Vulnerability (CVE-2010-1634) WordPress Plugin WordPress Photo Gallery by Gallery Bank Multiple Cross-Site Scripting Vulnerabilities (2.0.19) WordPress Plugin Activity Log Multiple Cross-Site Scripting Vulnerabilities (2.3.2) PHP Integer Overflow or Wraparound Vulnerability (CVE-2018-14883) Severity High Classification CVE-2019-15640 CWE-20 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Tags Missing Update Known Vulnerabilities