Cross-site request forgery (CSRF) vulnerability in LimeSurvey (formerly PHPSurveyor) before 1.71 allows remote attackers to change arbitrary quotas as administrators via a "modify quota" action.
Software | From | Fixed in |
---|---|---|
limesurvey / limesurvey | - | 1.70.x |
limesurvey / limesurvey | 1.49 | 1.49.x |
limesurvey / limesurvey | 1.52 | 1.52.x |