Description

Cross-site request forgery (CSRF) vulnerability in LimeSurvey (formerly PHPSurveyor) before 1.71 allows remote attackers to change arbitrary quotas as administrators via a "modify quota" action.

Remediation

References

CVE-2008-2571

Related Vulnerabilities

IBM RTC Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2020-4544)

WordPress 5.0.x Multiple Vulnerabilities (5.0 - 5.0.7)

WordPress Plugin Popup Builder-Create highly converting, mobile friendly marketing popups SQL Injection (3.44)

WordPress Plugin Copperleaf Photolog 'cplphoto.php' SQL Injection (0.16)

Plone CMS Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-7293)

Severity

Medium

Classification

CVE-2008-2571 CWE-707

Tags

Missing Update Known Vulnerabilities