Alkacon OpenCMS v10.5.4 and before is affected by CSV (aka Excel Macro) Injection in the module New User (/opencms/system/workplace/admin/accounts/user_new.jsp) via the First Name or Last Name.
Max CVSS
7.8
EPSS Score
0.15%
Published
2019-05-08
Updated
2020-08-24
1 vulnerabilities found