Description
In Limesurvey before 3.17.14, admin users can mark other users' notifications as read.
Remediation
References
Related Vulnerabilities
WordPress Plugin Post Grid PHP Object Injection (2.0.11)
Sqlite Improper Initialization Vulnerability (CVE-2020-11655)
e107 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-1989)
PostgreSQL Other Vulnerability (CVE-2006-5542)
PHP Use of Uninitialized Resource Vulnerability (CVE-2015-8390)