Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2022-21241
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Cross-site scripting vulnerability in CSV+ prior to 0.8.1 allows a remote unauthenticated attacker to inject an arbitrary script or an arbitrary OS command via a specially crafted CSV file that contains HTML a tag.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Csv+ 跨站脚本漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Csv+是日本Masaki Enomoto个人开发者的一个全新的 Csv 编辑器。 CSV+ 存在跨站脚本漏洞,该漏洞源于用户提供的数据未充分清理而存在的。 远程攻击者可以诱骗受害者跟踪特制链接,并在用户浏览器中在易受攻击的网站上下文中执行任意 HTML 和脚本代码。公开的漏洞允许远程攻击者执行跨站点脚本 (XSS) 攻击。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
VendorProductAffected VersionsCPESubscribe
Plus oneCSV+ prior to 0.8.1 -
II. Public POCs for CVE-2022-21241
#POC DescriptionSource LinkShenlong Link
1👻 [PoC] CSV+ 0.8.0 - Arbitrary Code Execution (CVE-2022-21241)https://github.com/satoki/csv-plus_vulnerabilityPOC Details
AI-Generated POCPremium

No public POC found.

Login to generate AI POC
III. Intelligence Information for CVE-2022-21241
Please Login to view more intelligence information
V. Comments for CVE-2022-21241

No comments yet

Leave a comment