Description
Limesurvey before 3.17.14 does not enforce SSL/TLS usage in the default configuration.
Remediation
References
Related Vulnerabilities
WordPress Plugin ActiveCampaign-Forms, Site Tracking, Live Chat Unspecified Vulnerability (5.7)
Drupal Core 9.2.x Cross-Site Scripting (9.2.0 - 9.2.3)
PHP Cryptographic Issues Vulnerability (CVE-2011-3189)
WordPress Plugin Event post Local File Inclusion (5.9.5)
WordPress Plugin Post Recommendations for WordPress 'api.php' Remote File Include (1.1.2)