CVE-2019-25019

LimeSurvey before 4.0.0-RC4 allows SQL injection via the participant model.

View Full Alert