Multiple vulnerabilities in Limesurvey

Posted date 11/09/2025
Identifier
INCIBE-2025-0493
Importance
5 - Critical
Affected Resources

Limesurvey prior to v3.0.

Description

INCIBE has coordinated the publication of 2 vulnerabilities, 1 of critical severity and 1 of high severity, affecting Limesurvey (an online survey tool) prior to v3.0. They were discovered by Julen Garrido Estevez (B3xal).

The following code, CVSS v3.1 base score, CVSS vector and CWE vulnerability type have been assigned to each vulnerability:

  • CVE-2025-41375: CVSS v4.0: 9.3 | CVSS AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N | CWE-89.
  • CVE-2025-41376: CVSS v4.0: 5.1 | CVSS AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N | CWE-93.
Solution

The vulnerabilities have been fixed by the Limesurvey team in version 3.0.0.

Detail
  • CVE-2025-41375: SQL Injection vulnerability in Limesurvey v2.65.1+170522. This vulnerability allows an attacker to retrieve, create, update and delete the database via the 'token' parameter in the '/index.php' endpoint.
  • CVE-2025-41376: CRLF Injection vulnerability in Limesurvey v2.65.1+170522. This vulnerability could allow a remote attacker to inject arbitrary HTTP headers and perform HTTP response splitting attacks via '/index.php/survey/index/sid/<SID>/token/fwyfw%0d%0aCookie:%20POC'.
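Both issues are reached through the token value, so one log check covers them. The following is an added example, not part of the advisory or of Limesurvey's code: it scans web access logs for token values that decode to CR/LF or fall outside an expected character set. The allowed token alphabet, the combined log format and the sample lines (documentation IPs, made-up SID) are assumptions.

```python
import re
from urllib.parse import unquote

# Assumption: legitimate survey tokens use only these characters; adjust per install.
TOKEN_OK = re.compile(r"[0-9A-Za-z_~-]*")
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
PATH_TOKEN = re.compile(r"/token/([^/?#]*)")     # .../sid/<SID>/token/<value>
QUERY_TOKEN = re.compile(r"[?&]token=([^&#]*)")  # /index.php?...&token=<value>

# Constructed sample access-log lines, not taken from a real system.
SAMPLE_LOG = """\
203.0.113.5 - - [11/Sep/2025:10:00:01 +0000] "GET /index.php/survey/index/sid/123456/token/abcDEF123 HTTP/1.1" 200 5120
203.0.113.9 - - [11/Sep/2025:10:00:07 +0000] "GET /index.php/survey/index/sid/123456/token/fwyfw%0d%0aCookie:%20POC HTTP/1.1" 302 0
203.0.113.9 - - [11/Sep/2025:10:00:09 +0000] "GET /index.php/survey/index/sid/123456/token/fwyfw%250d%250aX HTTP/1.1" 302 0
203.0.113.7 - - [11/Sep/2025:10:00:12 +0000] "GET /index.php?sid=123456&token=abc%27x HTTP/1.1" 200 5120
"""

def fully_decode(value, rounds=3):
    """Percent-decode repeatedly so double-encoded input (%250d) is exposed too."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def classify(target):
    """Return (kind, raw_token) findings for one request target."""
    findings = []
    for raw in PATH_TOKEN.findall(target) + QUERY_TOKEN.findall(target):
        token = fully_decode(raw)
        if "\r" in token or "\n" in token:
            findings.append(("crlf", raw))         # header injection attempt (CWE-93)
        elif not TOKEN_OK.fullmatch(token):
            findings.append(("bad-charset", raw))  # unexpected characters in the token
    return findings

def scan(log_text):
    """Return (line_number, kind, raw_token) for every suspicious token in the log."""
    hits = []
    for line_no, line in enumerate(log_text.splitlines(), start=1):
        match = REQUEST.search(line)
        if match:
            hits += [(line_no, kind, raw) for kind, raw in classify(match.group(1))]
    return hits

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

A "bad-charset" hit is a triage signal rather than proof of exploitation; tune `TOKEN_OK` to the tokens your installation actually issues.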
CVE
Exploitation
No