Lucene search
GoogleOSV:CVE-2021-23654HistoryNov 26, 2021 - 8:15 p.m.
CVE-2021-23654
2021-11-2620:15:07
Google
osv.dev
1
This affects all versions of package html-to-csv. When there is a formula embedded in a HTML page, it gets accepted without any validation and the same would be pushed while converting it into a CSV file. Through this a malicious actor can embed or generate a malicious link or execute commands via CSV files.
Related
osv
osv
Improper Neutralization of Formula Elements in a CSV File in html-2-csv
2021-11-30 22:22:16
PYSEC-2021-866
2021-11-26 20:15:00
cnvd
cnvd
Unspecified vulnerability in html2csv
2021-11-30 00:00:00
veracode
veracode
Cross-site Scripting (XSS)
2021-11-29 04:02:40
cvelist
cvelist
CVE-2021-23654 Improper Input Validation
2021-11-26 00:00:00
github
github
Improper Neutralization of Formula Elements in a CSV File in html-2-csv
2021-11-30 22:22:16
prion
prion
Design/Logic Flaw
2021-11-26 20:15:00
nvd
nvd
CVE-2021-23654
2021-11-26 20:15:07
cve
cve
CVE-2021-23654
2021-11-26 20:15:07