Description
Cross-site request forgery (CSRF) vulnerability in LimeSurvey (formerly PHPSurveyor) before 1.71 allows remote attackers to change arbitrary quotas as administrators via a "modify quota" action.
Remediation
References
Related Vulnerabilities
LimeSurvey Improper Restriction of XML External Entity Reference Vulnerability (CVE-2019-16174)
WordPress Plugin WOOCS-Currency Switcher for WooCommerce Professional Cross-Site Scripting (1.1.5.1)
PHP Other Vulnerability (CVE-2011-0420)
XWiki Incorrect Authorization Vulnerability (CVE-2023-32069)
SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2026-45484)