CVE-2021-3188

2021-01-2618:16:28

Google

osv.dev

6.8 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

79.4%

JSON

phpList 3.6.0 allows CSV injection, related to the email parameter, and /lists/admin/ exports.

CPENameOperatorVersion
phplist3eq3.4.5
phplist3eq3.3.6
phplist3eq3.2.7
phplist3eq3.3.2
phplist3eq3.3.0
phplist3eq3.2.0-RC1
phplist3eq3.3.1
phplist3eq3.4.9
phplist3eq.3.3.5
phplist3eq3.5.9

Name	Operator	Version
phplist3	eq	3.4.5
phplist3	eq	3.3.6
phplist3	eq	3.2.7
phplist3	eq	3.3.2
phplist3	eq	3.3.0
phplist3	eq	3.2.0-RC1
phplist3	eq	3.3.1
phplist3	eq	3.4.9
phplist3	eq	.3.3.5
phplist3	eq	3.5.9