Description

An XML injection vulnerability was found in Limesurvey before 3.17.14 that allows remote attackers to import specially crafted XML files and execute code or compromise data integrity.

Remediation

References

CVE-2019-16174

Related Vulnerabilities

Apache HTTP Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2005-2970)

WordPress Plugin Contact Form DB Cross-Site Request Forgery (2.8.31)

Internet Information Services Other Vulnerability (CVE-1999-0738)

Joomla! Core 2.5.x SQL Injection (2.5.0 - 2.5.1)

Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-3992)

Severity

High

Classification

CVE-2019-16174 CWE-611 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities