hongancalif/security-advisories

Releases0

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-56421 ↗	Mar 10, 2026Tuesday, 10 March 2026, 18:17	7.5 HIGH	—
SQL Injection vulnerability in LimeSurvey before v.6.15.4+250710 allows a remote attacker to obtain sensitive information from the database.
CVE-2025-56422 ↗	Mar 10, 2026Tuesday, 10 March 2026, 18:17	9.8 CRITICAL	—
A deserialization vulnerability in LimeSurvey before v6.15.0+250623 allows a remote attacker to execute arbitrary code on the server.