exploitDog

GHSA-3pqc-wf77-h389

Published: Jan 27, 2026
Source: github
Github: Not reviewed
CVSS4: 5.1
CVSS3: 9.8

Description

Dirsearch 0.4.1 contains a CSV injection vulnerability when using the --csv-report flag that allows attackers to inject formulas through redirected endpoints. Attackers can craft malicious server redirects with comma-separated paths containing Excel formulas to manipulate the generated CSV report.

EPSS

Percentile: 19%
0.00059
Low

5.1 Medium

CVSS4

9.8 Critical

CVSS3

Weaknesses

CWE-1236

Related vulnerabilities

CVSS3: 9.8
nvd
12 days ago

Dirsearch 0.4.1 contains a CSV injection vulnerability when using the --csv-report flag that allows attackers to inject formulas through redirected endpoints. Attackers can craft malicious server redirects with comma-separated paths containing Excel formulas to manipulate the generated CSV report.