Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Craft CMS Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2021-41824)

Description

Craft CMS before 3.7.14 allows CSV injection.

Remediation

References

Related Vulnerabilities

WordPress Plugin AccessPress Social Counter Cross-Site Scripting (1.3.6)

Oracle Database Server Other Vulnerability (CVE-2001-1041)

WordPress Plugin Another WordPress Classifieds Cross-Site Scripting (3.3.1)

MySQL CVE-2012-0493 Vulnerability (CVE-2012-0493)

PHP Use of Externally-Controlled Format String Vulnerability (CVE-2009-0754)

Severity

High

Classification

CVE-2021-41824 CWE-1236 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities