CVE-2024-39063
July 9, 2024, 8:15 p.m.
Tags
Product(s) Impacted
Lime Survey
- <= 6.5.12
Description
Lime Survey <= 6.5.12 is vulnerable to Cross Site Request Forgery (CSRF). The YII_CSRF_TOKEN is only checked when passed in the body of POST requests, but the same check isn't performed in the equivalent GET requests.
Weaknesses
Date
Published: July 9, 2024, 8:15 p.m.
Last Modified: July 9, 2024, 8:15 p.m.
Status : Received
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
cve@mitre.org
References
https://github.com/
cve@mitre.org