Security Advisory

CVE-2022-21241

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-02-08 10:30:35

Last updated 2024-08-03 02:31:59

Assigner jpcert

State PUBLISHED

Description

Cross-site scripting vulnerability in CSV+ prior to 0.8.1 allows a remote unauthenticated attacker to inject an arbitrary script or an arbitrary OS command via a specially crafted CSV file that contains HTML a tag.

← Browse all CVEs View on cve.org ↗