Lucene search
GoogleOSV:GHSA-FWF6-RW69-HHJ4HistoryNov 30, 2021 - 10:22 p.m.
Improper Neutralization of Formula Elements in a CSV File in html-2-csv
2021-11-3022:22:16
Google
osv.dev
8
0.003 Low
EPSS
Percentile
71.9%
This affects all versions of package html-to-csv. When there is a formula embedded in a HTML page, it gets accepted without any validation and the same would be pushed while converting it into a CSV file. Through this a malicious actor can embed or generate a malicious link or execute commands via CSV files.
| CPE | Name | Operator | Version |
|---|---|---|---|
| html-to-csv | eq | 0.1.0 | |
| html-to-csv | eq | 0.1.2 | |
| html-to-csv | eq | 0.0.3.post1 | |
| html-to-csv | eq | 0.0.1 | |
| html-to-csv | eq | 0.1.3 | |
| html-to-csv | eq | 0.1.1 | |
| html-to-csv | eq | 0.0.2 |
Related
cnvd
cnvd
Unspecified vulnerability in html2csv
2021-11-30 00:00:00
veracode
veracode
Cross-site Scripting (XSS)
2021-11-29 04:02:40
cvelist
cvelist
CVE-2021-23654 Improper Input Validation
2021-11-26 00:00:00
github
github
Improper Neutralization of Formula Elements in a CSV File in html-2-csv
2021-11-30 22:22:16
osv
osv
PYSEC-2021-866
2021-11-26 20:15:00
CVE-2021-23654
2021-11-26 20:15:07
prion
prion
Design/Logic Flaw
2021-11-26 20:15:00
nvd
nvd
CVE-2021-23654
2021-11-26 20:15:07
cve
cve
CVE-2021-23654
2021-11-26 20:15:07