Lucene search
Veracode Vulnerability DatabaseVERACODE:33129HistoryNov 29, 2021 - 4:02 a.m.
Cross-site Scripting (XSS)
2021-11-2904:02:40
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
0.003 Low
EPSS
Percentile
71.9%
html_to_csv is vulnerble to cross-site scripting. The vulnerability exists through the formula embedded in a HTML page does not properly validate the input, allowing an attacker to embed or generate a malicious link or execute commands via CSV files.
| CPE | Name | Operator | Version |
|---|---|---|---|
| html-to-csv | le | 0.1.3 | |
| html-to-csv | le | 0.1.3 |
Related
osv
osv
Improper Neutralization of Formula Elements in a CSV File in html-2-csv
2021-11-30 22:22:16
PYSEC-2021-866
2021-11-26 20:15:00
CVE-2021-23654
2021-11-26 20:15:07
cnvd
cnvd
Unspecified vulnerability in html2csv
2021-11-30 00:00:00
cvelist
cvelist
CVE-2021-23654 Improper Input Validation
2021-11-26 00:00:00
github
github
Improper Neutralization of Formula Elements in a CSV File in html-2-csv
2021-11-30 22:22:16
prion
prion
Design/Logic Flaw
2021-11-26 20:15:00
nvd
nvd
CVE-2021-23654
2021-11-26 20:15:07
cve
cve
CVE-2021-23654
2021-11-26 20:15:07