Description

Cross-site request forgery (CSRF) vulnerability in LimeSurvey (formerly PHPSurveyor) before 1.71 allows remote attackers to change arbitrary quotas as administrators via a "modify quota" action.

Remediation

References

CVE-2008-2571

Related Vulnerabilities

WordPress Plugin Simple Security Multiple Cross-Site Scripting Vulnerabilities (1.1.5)

OpenSSL Cryptographic Issues Vulnerability (CVE-2008-7270)

WordPress Plugin My Tickets Cross-Site Request Forgery (1.9.10)

WordPress Plugin CSV Import Cross-Site Scripting (1.0)

Perl Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-1238)

Severity

Medium

Classification

CVE-2008-2571 CWE-707

Tags

Missing Update Known Vulnerabilities