Centers for Disease Control and Prevention MicrobeTRACE 0.1.11 allows remote attackers to execute arbitrary code, related to code injection via a crafted CSV file with an initial βSource<script type=βtext/javascriptβ src=β line. Fix released on 2018-03-28.