VYPR

Limesurvey

by INCIBE

CVEs (1)

  • CVE-2025-41376MedAug 1, 2025
    risk 0.34cvss 5.3epss 0.01

    CRLF Injection vulnerability in Limesurvey v2.65.1+170522.  This vulnerability could allow a remote attacker to inject arbitrary HTTP headers and perform HTTP response splitting attacks via '/index.php/survey/index/sid//token/fwyfw%0d%0aCookie:%20POC'.