Description
Limesurvey before 3.17.14 does not enforce SSL/TLS usage in the default configuration.
Remediation
References
Related Vulnerabilities
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2009-3094)
Oracle Database Server Improper Authentication Vulnerability (CVE-2012-3137)
WordPress Plugin Limit Login Attempts Reloaded Security Bypass (2.7.4)
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-17081)
WordPress Plugin WooCommerce Multi Currency-Currency Switcher Security Bypass (2.1.17)