Description

The downloadZip function in application/controllers/admin/export.php in LimeSurvey through 3.16.1+190225 allows a relative path.

Remediation

References

CVE-2019-9960

Related Vulnerabilities

WordPress Server-Side Request Forgery (3.7 - 6.1.1)

WordPress Plugin W3 Total Cache Backdoor (0.9.2.2)

WordPress Plugin WP Google Maps Cross-Site Scripting (6.3.14)

WordPress Plugin Page Builder:KingComposer-Free Drag and Drop page builder by King-Theme Cross-Site Scripting (2.7.6)

WordPress Plugin WP Prayer Cross-Site Request Forgery (1.5.4)

Severity

Critical

Classification

CVE-2019-9960 CWE-22 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities