Security Advisory

CVE-2019-16187

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-09-09 20:21:15

Last updated 2024-08-05 01:10:41

Assigner mitre

State PUBLISHED

Description

Limesurvey before 3.17.14 uses an anti-CSRF cookie without the HttpOnly flag, which allows attackers to access a cookie value via a client-side script.

← Browse all CVEs View on cve.org ↗