Security Advisory

CVE-2025-41074

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-11-20 12:47:05
Last updated 2025-11-20 18:32:02
Assigner INCIBE
State PUBLISHED

Description

Vulnerability in LimeSurvey 6.13.0 in the endpoint /optout that causes infinite HTTP redirects when accessed directly. This behavior can be exploited to generate a Denegation of Service (DoS attack), by exhausting server or client resources. The system is unable to break the redirect loop, which can cause service degradation or browser instability.