Lucene search
K

6 matches found

Exploit DB
Exploit DB
added 2017/10/25 12:0 a.m.59 views

KeystoneJS 4.0.0-beta.5 - CSV Excel Macro Injection

Exploit Title: KeystoneJS 4.0.0-beta.5 Unauthenticated CSV Injection Vendor Homepage: http://keystonejs.com/ Exploit Author: Ishaq Mohammed Contact: https://twitter.com/securityprince Website: https://about.me/security-prince Category: WEBAPPS Platform: Node.js CVE: CVE-2017-15879 Vendor...

8.8CVSS8.8AI score0.07217EPSS
Exploits4
Packet Storm
Packet Storm
added 2017/10/25 12:0 a.m.48 views

KeystoneJS 4.0.0-beta.5 Unauthenticated CSV Injection

Exploit Title: KeystoneJS 4.0.0-beta.5 Unauthenticated CSV Injection Vendor Homepage: http://keystonejs.com/ Exploit Author: Ishaq Mohammed Contact: https://twitter.com/securityprince Website: https://about.me/security-prince Category: WEBAPPS Platform: Node.js CVE: CVE-2017-15879 Vendor...

8.7AI score0.07217EPSS
Exploits4
exploitpack
exploitpack
added 2017/10/25 12:0 a.m.32 views

KeystoneJS 4.0.0-beta.5 - CSV Excel Macro Injection

KeystoneJS 4.0.0-beta.5 - CSV Excel Macro Injection Exploit Title: KeystoneJS 4.0.0-beta.5 Unauthenticated CSV Injection Vendor Homepage: http://keystonejs.com/ Exploit Author: Ishaq Mohammed Contact: https://twitter.com/securityprince Website: https://about.me/security-prince Category: WEBAPPS...

6.8CVSS9AI score0.07217EPSS
Exploits4
NVD
NVD
added 2017/10/24 9:29 p.m.13 views

CVE-2017-15879

CSV Injection aka Excel Macro Injection or Formula Injection exists in admin/server/api/download.js and lib/list/getCSVData.js in KeystoneJS before 4.0.0-beta.7 via a value that is mishandled in a CSV export...

8.8CVSS8.8AI score0.07217EPSS
Exploits4References3
OSV
OSV
added 2017/10/24 9:29 p.m.13 views

CVE-2017-15879

CSV Injection aka Excel Macro Injection or Formula Injection exists in admin/server/api/download.js and lib/list/getCSVData.js in KeystoneJS before 4.0.0-beta.7 via a value that is mishandled in a CSV export...

8.8CVSS7AI score
Exploits0References3
CVE
CVE
added 2017/10/24 9:0 p.m.76 views

CVE-2017-15879

CVE-2017-15879 affects KeystoneJS before 4.0.0-beta.7. The CSV injection vulnerability arises in the CSV export path via values mishandled in admin/server/api/download.js and lib/list/getCSVData.js, enabling Excel macro/formula injection. Documentation indicates the issue exists prior to version ...

8.8CVSS8.6AI score0.07217EPSS
Exploits4References3Affected Software1
Rows per page
Query Builder