CVE-2021-41824, GHSA-h7vq-5qgw-jwwq
packagist/craftcms/cms
Improper Neutralization of Formula Elements in a CSV File
Craft CMS allows CSV injection.
All versions starting from 3.4.0 before 3.7.14
Upgrade to version 3.7.14 or above.
2021-10-14
source |