CNNVD-202511-2357 Information

Nov 20, 2025 cve

CNNVD ID

CNNVD-202511-2357

CVE-2025-41075

  • CNNVD Published: 2025-11-20

Description (Chinese)

LimeSurvey(PHPSurveyor)是LimeSurvey团队的一套开源的在线问卷调查程序,它支持调查程序开发、调查问卷发布以及数据收集等功能。 LimeSurvey 6.13.0版本存在安全漏洞,该漏洞源于端点/optin导致无限HTTP重定向,可能导致拒绝服务攻击。

Description (English)

LimeSurvey (PHPSurveyor) is an open-source online questionnaire programme for the LimeSurvey team, which supports the development of survey procedures, the publication of questionnaires and the collection of data. Release 6.1.0 of LimeSurvey has a security loophole, which originates from endpoint/optin and leads to an unlimited reorientation of HTTP, which may lead to a denial of service attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

LimeSurvey

Published

2025-11-20

Last Modified

2026-02-24

References

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-limesurvey-0

Patch

https://www.limesurvey.org/es

Share on: