CVE-2019-13144
myTinyTodo 1.3.3 through 1.4.3 allows CSV Injection. This is fixed in 1.5.
9.8CVSS
9.1AI Score
0.002EPSS