CVE-2018-15474
CVE-2018-15474
CSV Injection (aka Excel Macro Injection or Formula Injection) in /lib/plugins/usermanager/admin.php in DokuWiki 2018-04-22a and earlier allows remote attackers to exfiltrate sensitive data and to execute arbitrary code via a value that is mishandled in a CSV export. NOTE: the vendor has stated "this is not a security problem in DokuWiki.
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →