admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-11-26 21:01:05 +00:00
parent 4396a70ad1
commit 650174c84e
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
1 changed files with 7 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
2021/23xxx/CVE-2021-23654.json
View File

@ -48,12 +48,14 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-PYTHON-HTMLTOCSV-1582784"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-PYTHON-HTMLTOCSV-1582784",
"name": "https://snyk.io/vuln/SNYK-PYTHON-HTMLTOCSV-1582784"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/hanwentao/html2csv/blob/master/html2csv/converter.py"
"refsource": "MISC",
"url": "https://github.com/hanwentao/html2csv/blob/master/html2csv/converter.py",
"name": "https://github.com/hanwentao/html2csv/blob/master/html2csv/converter.py"
}
]
},
@ -61,7 +63,7 @@
"description_data": [
{
"lang": "eng",
"value": "This affects all versions of package html-to-csv.\n When there is a formula embedded in a HTML page, it gets accepted without any validation and the same would be pushed while converting it into a CSV file. Through this a malicious actor can embed or generate a malicious link or execute commands via CSV files.\n"
"value": "This affects all versions of package html-to-csv. When there is a formula embedded in a HTML page, it gets accepted without any validation and the same would be pushed while converting it into a CSV file. Through this a malicious actor can embed or generate a malicious link or execute commands via CSV files."
}
]
},