Welcome to the LimeSurvey Community Forum

Ask the community, share ideas, and connect with other LimeSurvey users!

Where to report potential vulnerabilities found ?

  • maestro1315
  • maestro1315's Avatar Topic Author
  • Visitor
  • Visitor
1 year 9 months ago #229235 by maestro1315
Please help us help you and fill where relevant:
Your LimeSurvey version: Version 3.28.13+220531
Own server or LimeSurvey hosting: Own Server
Survey theme/template:
==================
Where to report potential vulnerabilities found by scanning tools ?

Please Log in to join the conversation.

  • holch
  • holch's Avatar
  • Offline
  • LimeSurvey Community Team
  • LimeSurvey Community Team
More
1 year 9 months ago #229237 by holch
I think you should report it via "private" bug reporting. Do not make it public.

However, changes are high that the scanning tool has reported a false positive. This happens all the time, these tools are not always very accurate.

In any way, it is important to report it and have someone look at it. Better to be safe than sorry.

I answer at the LimeSurvey forum in my spare time, I'm not a LimeSurvey GmbH employee.
No support via private message.

Please Log in to join the conversation.

More
1 year 9 months ago #229245 by maestro1315
Replied by maestro1315 on topic Where to report potential vulnerabilities found ?
Well after many attempts to fix my current account for the bugtracker or create a new one I give up.

Please Log in to join the conversation.

  • holch
  • holch's Avatar
  • Offline
  • LimeSurvey Community Team
  • LimeSurvey Community Team
More
1 year 9 months ago #229251 by holch
The login data for the bug tracker are the same credentials as for the forum. I never had any issues with that.

I answer at the LimeSurvey forum in my spare time, I'm not a LimeSurvey GmbH employee.
No support via private message.

Please Log in to join the conversation.

Lime-years ahead

Online-surveys for every purse and purpose