Description

Cross-site request forgery (CSRF) vulnerability in LimeSurvey (formerly PHPSurveyor) before 1.71 allows remote attackers to change arbitrary quotas as administrators via a "modify quota" action.

Remediation

References

CVE-2008-2571

Related Vulnerabilities

WordPress Plugin WP Maintenance Mode & Site Under Construction Security Bypass (1.8.1)

WordPress Plugin fitness calculators Cross-Site Request Forgery (1.9.5)

WordPress Plugin PAYPAL CURRENCY CONVERTER BASIC FOR WOOCOMMERCE Arbitrary File Disclosure (1.3)

WordPress Plugin WP Logs Book Cross-Site Scripting (1.0.1)

WordPress Plugin WooCommerce Cross-Site Scripting (3.4.5)

Severity

Medium

Classification

CVE-2008-2571 CWE-707

Tags

Missing Update Known Vulnerabilities