Description

An XML injection vulnerability was found in Limesurvey before 3.17.14 that allows remote attackers to import specially crafted XML files and execute code or compromise data integrity.

Remediation

References

CVE-2019-16174

Related Vulnerabilities

Liferay DXP URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-25608)

PostgreSQL Other Vulnerability (CVE-1999-0862)

WordPress Plugin MStore API-Create Native Android & iOS Apps On The Cloud Security Bypass (4.10.7)

WordPress Plugin Count per Day Search Bar Cross-Site Scripting (3.2.2)

WordPress Plugin Better Messages-Live Chat for WordPress, BuddyPress, BuddyBoss, Ultimate Member Multiple Vulnerabilities (1.9.9.37)

Severity

High

Classification

CVE-2019-16174 CWE-611 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities