0.002 Low
EPSS
Percentile
64.9%
craftcms/cms is vulnerable to CSV injection. Lack of some sanity/escaping check prior to inserting the data to the CSV document allows an attacker to inject malicious input.
github.com/craftcms/cms/blob/develop/CHANGELOG.md#3714---2021-09-28
github.com/craftcms/cms/blob/main/CHANGELOG.md#3714---2021-09-28
github.com/craftcms/cms/security/advisories/GHSA-h7vq-5qgw-jwwq
github.com/thephpleague/csv/issues/268
twitter.com/craftcmsupdates/status/1442928690145366018