A recent analysis revealed that LimeSurvey 6.10.x makes use of software components that are either officially End-of-Life (EOL) or no longer maintained. This status implies that these packages no longer receive security updates or patches, making them a liability in production environments.

� Recommended Actions

ckeditor4

    Upgrade to the latest available 4.x version if possible (4.25.1), or better: migrate to CKEditor 5, which is actively maintained.

    Note: Officially considered EOL according to endoflife.date.

kcfinder

    The project has been abandoned; consider replacing it with a maintained alternative (e.g., elFinder).

    Retain only in legacy environments if absolutely necessary — not recommended for production use.

Review the entire dependency tree of LimeSurvey and set up automated monitoring for EOL and vulnerable packages.