CVE-2022-40294

The application was identified to have an CSV injection in data export functionality, allowing for malicious code to be embedded within export data and then triggered in exported data viewers.
References
Configurations

Configuration 1

cpe:2.3:a:phppointofsale:php_point_of_sale:19.0:*:*:*:*:*:*:*

Information

Published : 2022-10-31 09:15

Updated : 2022-11-03 02:50


NVD link : CVE-2022-40294

Mitre link : CVE-2022-40294

Products Affected
No products.
CWE
CWE-1236

Improper Neutralization of Formula Elements in a CSV File