View Issue Details

This bug affects 1 person(s).
ID: 13562
Project: Bug reports
Category: Security
View Status: public
Last Update: 2018-04-06 11:47
Reporter: strukt93
Assigned To: markusfluer
Status: closed
Resolution: fixed
Fixed in Version: 3.6.x
Summary: 13562: CSRF in box deletion

This issue allows an attacker to CSRF an administrator into deleting a box. The following is the vulnerable request:


The last parameter in the path, ID, should be replaced with the appropriate box ID for successful exploitation.

Tags: No tags attached.
Bug heat: 252
Complete LimeSurvey version number (& build): 3.0.0-beta.3+17110
I will donate to the project if issue is resolved: No
Database type & version: MariaDB
Server OS (if known): Linux/Windows
Webserver software & version (if known): Apache2
PHP Version: 7.0

2018-04-05 14:29

administrator   ~47343

Fix committed to master branch:

Related Changesets

LimeSurvey: master d36a92d4

2018-04-05 12:53:42


Fixed issue 13562: CSRF in box deletion
mod - application/controllers/admin/homepagesettings.php
mod - application/models/Boxes.php

Issue History

Date Modified | Username | Field | Change
2018-04-02 16:58 | strukt93 | New Issue |
2018-04-05 13:39 | markusfluer | Assigned To | => markusfluer
2018-04-05 13:39 | markusfluer | Status | new => resolved
2018-04-05 13:39 | markusfluer | Resolution | open => fixed
2018-04-05 13:39 | markusfluer | Fixed in Version | => 3.6.x
2018-04-05 14:29 | markusfluer | Changeset attached | => LimeSurvey master d36a92d4
2018-04-05 14:29 | markusfluer | Note Added: 47343 |
2018-04-06 11:47 | markusfluer | Status | resolved => closed