CSV Injection Vulnerability in Alkacon OpenCMS v10.5.4 and earlier

CSV Injection Vulnerability in Alkacon OpenCMS v10.5.4 and earlier

CVE-2019-11819 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Alkacon OpenCMS v10.5.4 and before is affected by CSV (aka Excel Macro) Injection in the module New User (/opencms/system/workplace/admin/accounts/user_new.jsp) via the First Name or Last Name.

Learn more about our Cms Pen Testing.