Количество 2
Количество 2
CVE-2021-23654
This affects all versions of package html-to-csv. When there is a formula embedded in a HTML page, it gets accepted without any validation and the same would be pushed while converting it into a CSV file. Through this a malicious actor can embed or generate a malicious link or execute commands via CSV files.
GHSA-fwf6-rw69-hhj4
Improper Neutralization of Formula Elements in a CSV File in html-2-csv
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-23654 This affects all versions of package html-to-csv. When there is a formula embedded in a HTML page, it gets accepted without any validation and the same would be pushed while converting it into a CSV file. Through this a malicious actor can embed or generate a malicious link or execute commands via CSV files. | CVSS3: 5.6 | 1% Низкий | около 4 лет назад |
| GHSA-fwf6-rw69-hhj4 Improper Neutralization of Formula Elements in a CSV File in html-2-csv | CVSS3: 5.6 | 1% Низкий | около 4 лет назад |
Уязвимостей на страницу