CVE-2021-3188

phpList 3.6.0 allows CSV injection, related to the email parameter, and /lists/admin/ exports.
References
Link Resource
https://wehackmx.com/security-research/WeHackMX-2021-001/ Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:phplist:phplist:3.6.0:*:*:*:*:*:*:*

Information

Published : 2021-01-26 06:16

Updated : 2021-02-03 11:07


NVD link : CVE-2021-3188

Mitre link : CVE-2021-3188

Products Affected
No products.
CWE
CWE-1236

Improper Neutralization of Formula Elements in a CSV File