CVE-2019-16177: Infoleak
First published: Mon Sep 09 2019(Updated: )
In Limesurvey before 3.17.14, the entire database is exposed through browser caching.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Limesurvey Limesurvey | <3.17.14 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2019-16177.
What is the severity level of CVE-2019-16177?
CVE-2019-16177 has a severity level of high.
How does CVE-2019-16177 affect Limesurvey?
CVE-2019-16177 exposes the entire database in Limesurvey versions before 3.17.14 through browser caching.
What is the recommended version of Limesurvey to fix CVE-2019-16177?
To fix CVE-2019-16177, you should upgrade to Limesurvey version 3.17.14 or later.
Where can I find more information about CVE-2019-16177?
More information about CVE-2019-16177 can be found at the following references: [Link 1](https://github.com/LimeSurvey/LimeSurvey/commit/5870fd1037058bc4e43cccf893b576c72293371e#diff-d539f3f8185667ee48db78e1bf65a3b4R53) and [Link 2](https://www.limesurvey.org/limesurvey-updates/2188-limesurvey-3-17-14-build-190902-released).
- collector/nvd-index
- agent/severity
- agent/author
- agent/references
- agent/weakness
- agent/type
- agent/event
- agent/description
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/limesurvey
- canonical/limesurvey limesurvey