4 matches found
CVE-2022-21241
creationtimestamp| type| source ---|---|--- 2022-02-08 14:36:57+00:00| seen| https://t.me/cibsecurity/36988 2022-05-28 14:39:33+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/1482 2024-10-11 22:00:31+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/5380...
CVE-2022-21241
CSV+ prior to 0.8.1 is vulnerable to cross-site scripting: a remote unauthenticated attacker can inject arbitrary script or OS commands via a specially crafted CSV containing an HTML tag. Affected versions are CSV+ before 0.8.1; remediation is to update to v0.8.1 or later. CVSS details in source...
CVE-2022-21241
Cross-site scripting vulnerability in CSV+ prior to 0.8.1 allows a remote unauthenticated attacker to inject an arbitrary script or an arbitrary OS command via a specially crafted CSV file that contains HTML a tag...
CVE-2022-21241
Cross-site scripting vulnerability in CSV+ prior to 0.8.1 allows a remote unauthenticated attacker to inject an arbitrary script or an arbitrary OS command via a specially crafted CSV file that contains HTML a tag...