CVE-2021-41824
Improper Neutralization of Formula Elements in a CSV File in packagist/craftcms/cms
Identifiers
CVE-2021-41824, GHSA-h7vq-5qgw-jwwq
Package Slug
packagist/craftcms/cms
Vulnerability
Improper Neutralization of Formula Elements in a CSV File
Description
Craft CMS allows CSV injection.
Affected Versions
All versions starting from 3.4.0 before 3.7.14
Solution
Upgrade to version 3.7.14 or above.
Last Modified
2021-10-14
| source |