WEB APPLICATION VULNERABILITIES Standard & Premium

Craft CMS Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2021-41824)

Description

Craft CMS before 3.7.14 allows CSV injection.

Remediation

References

Related Vulnerabilities

PHP Other Vulnerability (CVE-2002-0081)

Oracle Application Server Other Vulnerability (CVE-2005-3448)

Joomla! Core 1.0.x Multiple Vulnerabilities (1.0.0 - 1.0.7)

WordPress Plugin Enable Media Replace SQL Injection and Arbitrary File Upload Vulnerabilities (2.3)

Sqlite Other Vulnerability (CVE-2019-19959)

Severity

High

Classification

CVE-2021-41824 CWE-1236 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities