exploitDog

CVE-2025-41074

Опубликовано: 20 нояб. 2025

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

Vulnerability in LimeSurvey 6.13.0 in the endpoint /optout that causes infinite HTTP redirects when accessed directly. This behavior can be exploited to generate a Denegation of Service (DoS attack), by exhausting server or client resources. The system is unable to break the redirect loop, which can cause service degradation or browser instability.

Ссылки

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-limesurvey-0
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:limesurvey:limesurvey:6.13.0:*:*:*:*:*:*:*

EPSS

Процентиль: 19%

0.0006

Низкий

7.5 High

CVSS3

Дефекты

CWE-835

Связанные уязвимости

CVE-2025-41074

CVSS3: 7.5

debian

3 месяца назад

Vulnerability in LimeSurvey 6.13.0 in the endpoint /optout that cause ...

GHSA-2m7v-wmjf-9gq6

CVSS3: 7.5

github

3 месяца назад

Vulnerability in LimeSurvey 6.13.0 in the endpoint /optout that causes infinite HTTP redirects when accessed directly. This behavior can be exploited to generate a Denegation of Service (DoS attack), by exhausting server or client resources. The system is unable to break the redirect loop, which can cause service degradation or browser instability.

EPSS

Процентиль: 19%

0.0006

Низкий

7.5 High

CVSS3

Дефекты

CWE-835