Description

Craft CMS before 3.7.14 allows CSV injection.

Remediation

References

CVE-2021-41824

Related Vulnerabilities

Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-3271)

WordPress Plugin MiwoFTP-File & Folder Manager Arbitrary File Disclosure (1.0.4)

WordPress Plugin WordPress Calls to Action Unspecified Vulnerability (2.3.5)

Restlet Framework Improper Restriction of XML External Entity Reference Vulnerability (CVE-2017-14868)

Resin Application Server Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-2966)

Severity

High

Classification

CVE-2021-41824 CWE-1236 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities