View Issue Details

Jump to NotesJump to History
This issue affects 1 person(s).
 262
IDProjectCategoryView StatusDate SubmittedLast Update
10166Bug reportsSecuritypublic2015-12-18 13:272016-02-17 18:10
Reporterkatoyan Assigned Toc_schmitz  
PriorityhighSeverityminor 
Status closedResolutionno change required 
Product Version2.06+ 
Fixed in Version2.50.x 
Summary10166: Some security issue
Description

Vulnerability description: Using “remember me” function a malicious user can trigger sending of uncontrolled number of emails from admin@yoursite.com to any external email. Modifying the “savename” field value, malicious user can repeat letters without any limitation. Because of this yoursite.com domain may be added to the SPAM databases.

Steps To Reproduce

1) Perform initial survey changes and select “Save to continue later”.
2) Enter any username and password and select an email where you want to send the letter.
3) Repeat this post-request changing only the “savename” field.

TagsNo tags attached.
Bug heat262
Complete LimeSurvey version number (& build)Build 151126
I will donate to the project if issue is resolvedNo
Browser
Database type & versionMySQL 5.5.41
Server OS (if known)Linux 3.2
Webserver software & version (if known)apache 2.0 handler
PHP Version5.4.36

Users monitoring this issue

katoyan

Activities

ollehar

ollehar

2016-02-17 15:30

administrator   ~35323

Last edited: 2016-02-17 15:31

It's possible to enable captcha for this form already.
ollehar

ollehar

2016-02-17 16:56

administrator   ~35324

A possible change would be to enable captcha by default for save-and-load.
c_schmitz

c_schmitz

2016-02-17 18:10

administrator   ~35330

Version 2.50+ Build 160217 released

Issue History

Date Modified Username Field Change
2015-12-18 13:27 katoyan New Issue
2015-12-18 13:45 katoyan Issue Monitored: katoyan
2015-12-18 13:48 c_schmitz Assigned To => c_schmitz
2015-12-18 13:48 c_schmitz Status new => assigned
2016-02-17 15:30 ollehar Note Added: 35323
2016-02-17 15:30 ollehar Status assigned => confirmed
2016-02-17 15:31 ollehar Note Edited: 35323
2016-02-17 16:55 ollehar Status confirmed => resolved
2016-02-17 16:55 ollehar Fixed in Version => 2.5
2016-02-17 16:55 ollehar Resolution open => fixed
2016-02-17 16:55 ollehar Resolution fixed => no change required
2016-02-17 16:56 ollehar Note Added: 35324
2016-02-17 18:10 c_schmitz Note Added: 35330
2016-02-17 18:10 c_schmitz Status resolved => closed
2021-09-10 21:04 guest Bug heat 260 => 262
2022-06-28 16:50 c_schmitz Bug heat 262 => 264
2023-01-26 10:31 2BITS_PL Bug heat 264 => 262