LimeSurvey Security Advisory 10/2015

A vulnerability of high severity was found in LimeSurvey which enables an attacker to get unauthorized access to files and data of your LimeSurvey installation.

The LimeSurvey team thanks Pichaya Morimoto (discovery, analysis) from the SEC Consult Vulnerability Lab ( for responsibly reporting the identified issues and working with us as we addressed them.

Affected Versions: All versions between 2.0+ (all builds) and 2.06+ Build 151014

Severity: HIGH

How to fix: Upgrade to LimeSurvey 2.06+ Build 151016 or later.

We stronlgy advise to upgrade to the latest 2.06+ version immediately, either manually or  using ComfortUpdate.

Copyright © 2006- LimeSurvey GmbH