CVE-2018-16397

CVE-2018-16397

EPSS 1.0%

In LimeSurvey before 3.14.7, an admin user can leverage a "file upload" question to read an arbitrary file,

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/LimeSurvey/LimeSurvey/blob/3be9b41e76826b57f5860d18d93b23f47d59d2e4/docs/release_notes.txt#L51