limesurvey/limesurvey vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the limesurvey/limesurvey package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
M Cross-site Scripting (XSS)	<6.5.0
M CSV Injection	<5.6.68
H Open Redirect	<6.6.1
H Local File Inclusion	>=0.0.0
M Improper Resource Shutdown or Release	>=0.0.0
M SQL Injection	>=0.0.0
M Cross-Site Request Forgery (CSRF)	<6.5.14
M Cross-site Scripting (XSS)	>=0.0.0
M Cross-site Scripting (XSS)	<3.17.14
M Cross-site Scripting (XSS)	<2.2.5 >=2.6.2, <3.17.14
M Cross-site Scripting (XSS)	>=0.0.0
C Arbitrary Code Execution	>=0.0.0
M SQL Injection	>=0.0.0
M Cross-site Scripting (XSS)	<5.3.11+220425
H Arbitrary File Upload	>=0.0.0
M Cross-site Scripting (XSS)	>=3.0.0+171222, <3.27.19+210928
C SQL Injection	<3.19.0
H Cross-site Scripting (XSS)	<3.21.3
H Cross-site Scripting (XSS)	<3.21.3
M Cross-site Scripting (XSS)	>=3.21.1, <3.21.3
M Directory Traversal	>=3.16.1, <3.17.0