Flamingo, 6f1dbe1807131bec085dd56cfbb9c0f2fe72fd1f

CVE, Research URL: 6f1dbe1807131bec085dd56cfbb9c0f2fe72fd1f
Home page URL: Security reports for Flamingo
Application: Flamingo
Published on: Jan 15, 2020
Research Description: Flamingo [flamingo] < 2.1.1 Flamingo <= 2.1 - CSV Injection A CSV Injection vulnerability was discovered in Flamingo up to version 2.1. It allows a user with low level privileges to inject OS command that will be included in the exported CSV file, leading to possible command/code execution.
Affected versions: max 2.1.1.
Status: vulnerable