Please help us help you and fill where relevant: Your LimeSurvey version: 3.28.13 Own server or LimeSurvey hosting: i believe it's the university server hosting Survey theme/template:
==================
Hello,
So for a research currently being prepared, a committee wanted to know more about the security of LimeSurvey. More specifically, the security concerning unauthorized access to the informations given by my participants. I tried to find it on the LimeSurvey website, but I got little information there, so I don't know if there is a place somewhere to have these informations, or if simply these are kept away from public ?
Security is a process. So when your university is hosting the community edition of LimeSurvey the security process is mostly controlled by the university.
The LimeSurvey version 3.28.13 is from May 2022. All fixes till 3.28.27 are missing currently.If you look up the release logfiles, you see changes in security too.
The access to the responses can be gained to security holes in LimeSurvey. Which you can only prevent in updating often and following the release notes.
The webserver and the database running by your university can have security holes too.
