메뉴 건너뛰기

GREATUSER

cve

CVE-2017-18049

관리자 2018.01.25 04:00 조회 수 : 9

In the CSV export feature of SilverStripe before 3.5.6, 3.6.x before 3.6.3, and 4.x before 4.0.1, it's possible for the output to contain macros and scripts, which may be executed if imported without sanitization into common software (including Microsoft Excel). For example, the CSV data may contain untrusted user input from the "First Name" field of a user's /myprofile page.


원문출처 : https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-18049
번호 제목 글쓴이 날짜 조회 수
482 CVE-2017-16604 관리자 2018.01.25 14
481 CVE-2017-14457 관리자 2018.01.25 14
480 CVE-2017-16647 관리자 2017.11.09 14
479 CVE-2017-11610 관리자 2017.08.27 14
478 CVE-2016-3220 관리자 2016.06.17 14
477 CVE-2017-2741 관리자 2018.01.25 13
476 CVE-2017-2742 관리자 2018.01.25 13
475 CVE-2017-15092 관리자 2018.01.25 13
474 CVE-2017-15091 관리자 2018.01.25 13
473 CVE-2017-15093 관리자 2018.01.25 13
472 CVE-2018-1000016 관리자 2018.01.25 13
471 CVE-2017-17406 관리자 2018.01.25 13
470 CVE-2015-6472 (wago_i/o_plc_750-849_firmware, wago_i/o_plc_750-881_firmware, wago_i/o_plc_758-870_firmware) 관리자 2017.08.27 13
469 CVE-2018-6029 관리자 2018.01.25 12
468 CVE-2017-16607 관리자 2018.01.25 12
위로