Lucene search
Veracode Vulnerability DatabaseVERACODE:35053HistoryApr 11, 2022 - 9:08 a.m.
CSV Injection
2022-04-1109:08:42
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
25
csv injection
kevinpapst/kimai2
vulnerability
library
sanitize
parameter
attacker
malicious input
software
EPSS
0.001
Percentile
26.4%
kevinpapst/kimai2 is vulnerable to CSV injection. The vulnerability is possible because the library does not sanitize the $desc parameter, which allows an attacker to inject malicious input.
Related
osv
osv
CVE-2021-43515
2022-04-08 17:15:08
Improper Neutralization of Formula Elements in a CSV File in Kimai 2
2022-04-09 00:00:25
github
github
Improper Neutralization of Formula Elements in a CSV File in Kimai 2
2022-04-09 00:00:25
cve
cve
CVE-2021-43515
2022-04-08 17:15:08
prion
prion
Design/Logic Flaw
2022-04-08 17:15:00
cvelist
cvelist
CVE-2021-43515
2022-04-08 16:23:33
nvd
nvd
CVE-2021-43515
2022-04-08 17:15:08