CVE-2025-54752
CVE-2025-54752
Multiple versions of PowerCMS improperly neutralize formula elements in a CSV file. If a product user creates a malformed entry and a victim user downloads it as a CSV file and opens it in the user's environment, the embedded code may be executed.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L
Productos afectados
Alfasado Inc. · PowerCMS¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →