Vulnerability CVE-2019-16184


Published: 2019-09-09

Description:
A CSV injection vulnerability was found in Limesurvey before 3.17.14 that allows survey participants to inject commands via their survey responses that will be included in the export CSV file.

Type:

CWE-74

Vendor: Limesurvey
Product: Limesurvey 
Version:
3.2.1
3.2.0
3.17.9
3.17.8
3.17.7
3.17.6
3.17.5
3.17.4
3.17.3
3.17.13
3.17.12
3.17.11
3.17.10
3.17.1
3.17.0
3.16.1+190225
3.16.1
3.15.5
3.15.4
3.1.1
3.1.0
3.0.5
3.0.4
3.0.3
3.0.2
3.0.1
3.0.0
2.73.0
2.72.6
2.72.5
2.72.4
2.72.3
2.72.2
2.72.1
2.72.0
2.71.1
2.71.0
2.70.0
2.67.3
2.67.2
2.67.1
2.67.0
2.66.6
2.65.6
2.65.5
2.65.4
2.65.3
2.65.2
2.65.1
2.65.0
2.64.7
2.64.6
2.64.5
2.64.4
2.64.3
2.64.2
2.64.1
2.64.0
2.63.1
2.63.0
2.62.2
2.62.1
2.62.0
2.59.1
2.59.0
2.58.2
2.58.1
2.58.0
2.57.1
2.57.0
2.56.1
2.56.0
2.55.3
2.55.2
2.55.1
2.55.0
2.54.5
2.54.4
2.54.3
2.54.2
2.54.1
2.54.0
2.53.0
2.52.0
2.51.4
2.51.3
2.51.2
2.51.1
2.51.0
2.50.1
2.50
2.06+
2.06
2.05+
2.05
2.00
1.92
1.91+
1.91
1.90+
See more versions on NVD

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

 References:
https://github.com/LimeSurvey/LimeSurvey/commit/5870fd1037058bc4e43cccf893b576c72293371e#diff-d539f3f8185667ee48db78e1bf65a3b4R46
https://www.limesurvey.org/limesurvey-updates/2188-limesurvey-3-17-14-build-190902-released

Related CVE
CVE-2019-16187
Limesurvey before 3.17.14 uses an anti-CSRF cookie without the HttpOnly flag, which allows attackers to access a cookie value via a client-side script.
CVE-2019-16186
In Limesurvey before 3.17.14, admin users can access the plugin manager without proper permissions.
CVE-2019-16185
In Limesurvey before 3.17.14, admin users can view, update, or delete reserved menu entries without proper permissions.
CVE-2019-16183
In Limesurvey before 3.17.14, admin users can run an integrity check without proper permissions.
CVE-2019-16182
A reflected cross-site scripting (XSS) vulnerability was found in Limesurvey before 3.17.14 that allows remote attackers to inject arbitrary web script or HTML via extensions of uploaded files.
CVE-2019-16181
In Limesurvey before 3.17.14, admin users can mark other users' notifications as read.
CVE-2019-16180
Limesurvey before 3.17.14 allows remote attackers to bruteforce the login form and enumerate usernames when the LDAP authentication method is used.
CVE-2019-16179
Limesurvey before 3.17.14 does not enforce SSL/TLS usage in the default configuration.

Copyright 2019, cxsecurity.com

 

Back to Top