OpenCMS 10.5.4 CSV Injection

Alkacon OpenCMS version 10.5.4 suffers from a CSV injection vulnerability.

MD5 | fc338d8e5cb8a714d217de7750d266ef

Description: OpenCMS v10.5.4 and before is vulnerable to CSV injection in New
User module for parameter First Name and Last Name

Impacted URL is

Payload used is

Further details is available here

Already requested for CVE, yet to receive it.

Related Posts