Description In Limesurvey before 3.17.14, admin users can mark other users' notifications as read. Remediation References CVE-2019-16181 Related Vulnerabilities WordPress Plugin Email Log Cross-Site Scripting (2.2.2) WordPress 5.3.x Multiple Vulnerabilities (5.3 - 5.3.14) MySQL CVE-2014-4287 Vulnerability (CVE-2014-4287) WordPress Plugin S3 Video Cross-Site Scripting (0.982) WordPress Plugin WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) Security Bypass (7.6.4) Severity Low Classification CVE-2019-16181 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N Tags Missing Update Known Vulnerabilities