Show filters
12 Total Results
Displaying 11-12 of 12
Sort by:
Attacker Value
Unknown

CVE-2017-15879

Disclosure Date: October 24, 2017 (last updated November 26, 2024)
CSV Injection (aka Excel Macro Injection or Formula Injection) exists in admin/server/api/download.js and lib/list/getCSVData.js in KeystoneJS before 4.0.0-beta.7 via a value that is mishandled in a CSV export.
0
0
Attacker Value
Unknown

CVE-2017-15878

Disclosure Date: October 24, 2017 (last updated November 26, 2024)
A cross-site scripting (XSS) vulnerability exists in fields/types/markdown/MarkdownType.js in KeystoneJS before 4.0.0-beta.7 via the Contact Us feature.
0
0
View More Topics  < Previous