We found results for “”
WS-2023-0426
Good to know:
Date: November 7, 2023
Email Sending Abuse in limesurvey before 6.3.3+231106: Users may abuse email sending permissions to send spam or unwanted emails to all group members. This can lead to overload on the email system and waste the recipient's time dealing with irrelevant emails.
Language: PHP
Severity Score
Severity Score
Weakness Type (CWE)
Improper Handling of Insufficient Privileges
CWE-274Top Fix
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | LOW |
User Interaction (UI): | NONE |
Scope (S): | CHANGED |
Confidentiality (C): | LOW |
Integrity (I): | LOW |
Availability (A): | LOW |