Back to limesurvey.org

Welcome to the LimeSurvey Community Forum

Ask the community, share ideas, and connect with other LimeSurvey users!

Latest LS-LTS-Version 3.27.31 SQL injection vulnerability fixed?

  • joerghassmann
  • joerghassmann's Avatar Topic Author
  • Offline
  • New Member
  • New Member
More
3 years 1 month ago #223356 by joerghassmann
Latest LS-LTS-Version 3.27.31 SQL injection vulnerability fixed? was created by joerghassmann
Please help us help you and fill where relevant:
Your LimeSurvey version: 3.27.31
Own server or LimeSurvey hosting: Own Server (Scientific Linux 7.9)

Topic
Is the security-issue "SQL injection vulnerability via the participant model" fixed in the Limesurvey LTS-Branch 3, e.g. 3.27.31.
Or must I update to Version 5.x?
Thanks and best regards
Joerg


 
The topic has been locked.
More
3 years 1 month ago #223388 by jelo
Replied by jelo on topic Latest LS-LTS-Version 3.27.31 SQL injection vulnerability fixed?
Are you talking about this issue from 2019?
nvd.nist.gov/vuln/detail/CVE-2019-25019
The meaning of the word "stable" for users
www.limesurvey.org/forum/development/117...ord-stable-for-users
The following user(s) said Thank You: DenisChenu
The topic has been locked.
More
3 years 1 month ago #223389 by jelo
Replied by jelo on topic Latest LS-LTS-Version 3.27.31 SQL injection vulnerability fixed?
This issue was fixed with LS 3.19.0 (build 191008) October 8, 2019.
The meaning of the word "stable" for users
www.limesurvey.org/forum/development/117...ord-stable-for-users
The topic has been locked.
Moderators: holchtpartner

Lime-years ahead

Online-surveys for every purse and purpose

Pricing & Plans
Get started

Legal

About Us

Open Source