What the vulnerability does
01Description
Authentication Bypass by Spoofing vulnerability in Ays Pro Survey Maker survey-maker allows Identity Spoofing.This issue affects Survey Maker: from n/a through <= 5.1.6.3.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
What the vulnerability does
Authentication Bypass by Spoofing vulnerability in Ays Pro Survey Maker survey-maker allows Identity Spoofing.This issue affects Survey Maker: from n/a through <= 5.1.6.3.
Explanation of Vulnerability in Simple Terms
Survey Maker versions up to 5.1.6.3 contain an authentication bypass vulnerability that allows attackers to modify survey data without proper verification. The flaw requires user interaction—typically clicking a malicious link—but does not require authentication. Site administrators should update to a version newer than 5.1.6.3 to prevent unauthorized survey tampering.
What an attacker can do
Modify survey content or responses without authentication by tricking a user into clicking a link.
Potential impact on your site
Survey data integrity compromised; attackers can alter survey questions, answers, or results without logging in.
Conditions required to exploit
No authentication required. Victim must click a malicious link or visit an attacker-controlled page.
Key dates
External resources
Related vulnerabilities