XML Injection Vulnerability in Limesurvey before 3.17.14 Allows Remote Code Execution and Data Compromise
CVE-2019-16174 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
An XML injection vulnerability was found in Limesurvey before 3.17.14 that allows remote attackers to import specially crafted XML files and execute code or compromise data integrity.
Learn more about our Web Application Penetration Testing UK.