Description
In LimeSurvey before 3.14.7, an admin user can leverage a "file upload" question to read an arbitrary file,
Remediation
References
Related Vulnerabilities
WordPress Plugin WordPress Download Manager 'cid' Parameter Cross-Site Scripting (2.2.2)
Django Improper Input Validation Vulnerability (CVE-2014-3730)
WordPress Plugin Request Quote via Whatsapp for Woocommerce Cross-Site Scripting (1.0.1)
WordPress Plugin WP Courses LMS Security Bypass (2.0.28)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-1835)