Lucene search
China National Vulnerability DatabaseCNVD-2022-06512HistoryNov 30, 2021 - 12:00 a.m.
Unspecified vulnerability in html2csv
2021-11-3000:00:00
China National Vulnerability Database
www.cnvd.org.cn
7
0.003 Low
EPSS
Percentile
71.9%
Html2Csv is an open source utility. It is used to extract tables from Html documents and convert them to Csv format. html2csv suffers from a security vulnerability that stems from the fact that when a formula is embedded in an HTML page, the formula will be accepted without any validation and pushed when converting it to a CSV file. In this way, an attacker can exploit the vulnerability participants can embed or generate malicious links or execute commands via CSV files.
Related
osv
osv
Improper Neutralization of Formula Elements in a CSV File in html-2-csv
2021-11-30 22:22:16
PYSEC-2021-866
2021-11-26 20:15:00
CVE-2021-23654
2021-11-26 20:15:07
veracode
veracode
Cross-site Scripting (XSS)
2021-11-29 04:02:40
cvelist
cvelist
CVE-2021-23654 Improper Input Validation
2021-11-26 00:00:00
github
github
Improper Neutralization of Formula Elements in a CSV File in html-2-csv
2021-11-30 22:22:16
prion
prion
Design/Logic Flaw
2021-11-26 20:15:00
nvd
nvd
CVE-2021-23654
2021-11-26 20:15:07
cve
cve
CVE-2021-23654
2021-11-26 20:15:07