Hi, > Preface: I think the statement of misuse potential is an insult to the > people involved.
We’ve had several groups misuse data like this in the past and like all software LimeSurvey has security issues [1]. The risk may be low but it exists. > However, they then created their list by scraping public sources of Apache > org addresses and I cut the speaker from our event where they were to > present the results. I believe they created a list than included non apache.org emails as well, i.e. emails people used on the lists. That which probably get a better response rate and a number of angry emails. Take a list at random I can see that about 20% of the email is from an apache.org address, most people tend to use other address other than their apache.org email. Thanks, Justin 1. https://www.cvedetails.com/vulnerability-list/vendor_id-6900/Limesurvey.html
