A CSV injection in arxes-tolina 3.0.0 allows malicious users to gain remote control of other computers. By entering formula code in the following columns: Kundennummer, Firma, Street, PLZ, Ort, Zahlziel, and Bemerkung, an attacker can create a user with a name that contains malicious code. Other us...
9.6CVSS
9.3AI Score
0.002EPSS
4.3CVSS
4.7AI Score
0.001EPSS