CVE-2025-54752
CVE-2025-54752
Multiple versions of PowerCMS improperly neutralize formula elements in a CSV file. If a product user creates a malformed entry and a victim user downloads it as a CSV file and opens it in the user's environment, the embedded code may be executed.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L
Produtos afetados
Alfasado Inc. · PowerCMSQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →