Security Advisory

CVE-2021-43257

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-04-14 19:25:45
Last updated 2024-08-04 03:55:28
Assigner mitre
State PUBLISHED

Description

Lack of Neutralization of Formula Elements in the CSV API of MantisBT before 2.25.3 allows an unprivileged attacker to execute code or gain access to information when a user opens the csv_export.php generated CSV file in Excel.