CSRF Vulnerability in LimeSurvey 3.0.0-beta.3+17110 Allows Admin Box Deletion

CSRF Vulnerability in LimeSurvey 3.0.0-beta.3+17110 Allows Admin Box Deletion

CVE-2018-1000514 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

LimeSurvey version 3.0.0-beta.3+17110 contains a Cross ite Request Forgery (CSRF) vulnerability in Boxes that can result in CSRF admins to delete boxes. This vulnerability appears to have been fixed in 3.6.x.

Learn more about our Web Application Penetration Testing UK.