Описание
A CSV injection vulnerability in NCR Terminal Handler v1.5.1 allows attackers to execute arbitrary commands via injecting a crafted payload into any text field that accepts strings.
Ссылки
- Permissions Required
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:ncr:terminal_handler:1.5.1:*:*:*:*:*:*:*
EPSS
Процентиль: 22%
0.0007
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-1236
Связанные уязвимости
github
8 месяцев назад
A CSV injection vulnerability in NCR Terminal Handler v1.5.1 allows attackers to execute arbitrary commands via injecting a crafted payload into any text field that accepts strings.
EPSS
Процентиль: 22%
0.0007
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-1236