Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv3

CVE-2019-16187

Published: 09/09/2019 Updated: 24/08/2020
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Subscribe to Limesurvey

Vulnerability Summary

Limesurvey prior to 3.17.14 uses an anti-CSRF cookie without the HttpOnly flag, which allows malicious users to access a cookie value via a client-side script.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

limesurvey limesurvey

References

CWE-732https://github.com/LimeSurvey/LimeSurvey/commit/5870fd1037058bc4e43cccf893b576c72293371e#diff-d539f3f8185667ee48db78e1bf65a3b4R48https://www.limesurvey.org/limesurvey-updates/2188-limesurvey-3-17-14-build-190902-releasedhttps://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firmwareCVE-2023-52866CVE-2024-4367CVE-2024-1721CVE-2023-34992XML injectionCVE-2023-52817SQLCVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook