Description
In Limesurvey before 3.17.14, admin users can access the plugin manager without proper permissions.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Bannerize SQL Injection (4.0.2)
WordPress Plugin Customer Service Software & Support Ticket System Cross-Site Scripting (5.10.3)
Oracle Database Server CVE-2006-5337 Vulnerability (CVE-2006-5337)
Drupal Core 4.7.x Denial of Service (4.7.0 - 4.7.4)
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-6455)