메뉴 건너뛰기

GREATUSER

cve

CVE-2017-18049

관리자 2018.01.25 04:00 조회 수 : 207

In the CSV export feature of SilverStripe before 3.5.6, 3.6.x before 3.6.3, and 4.x before 4.0.1, it's possible for the output to contain macros and scripts, which may be executed if imported without sanitization into common software (including Microsoft Excel). For example, the CSV data may contain untrusted user input from the "First Name" field of a user's /myprofile page.


원문출처 : https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-18049
번호 제목 글쓴이 날짜 조회 수
167 CVE-2017-0081 관리자 2017.03.18 151
166 CVE-2017-2864 관리자 2017.11.09 150
165 CVE-2017-9510 관리자 2017.08.27 150
164 CVE-2017-2740 관리자 2018.01.25 149
163 CVE-2016-0872 관리자 2017.11.09 149
162 CVE-2017-2883 관리자 2017.11.09 149
161 CVE-2017-16547 (graphicsmagick) 관리자 2017.11.09 149
160 CVE-2017-0111 관리자 2017.03.18 149
159 CVE-2017-2893 관리자 2017.11.09 148
158 CVE-2017-0053 관리자 2017.03.18 148
157 CVE-2018-1000013 관리자 2018.01.25 147
156 CVE-2017-5684 관리자 2017.04.04 147
155 CVE-2017-0121 관리자 2017.03.18 147
154 CVE-2017-0083 관리자 2017.03.18 147
153 CVE-2017-0023 관리자 2017.03.18 147
위로