CVE-2020-14026

Published September 22nd, 2020

View on NVD ↗

CVSS v3

8.8

HIGH

CVSS v2

9.3

HIGH

Affected

PROJECT

Description

CSV Injection (aka Excel Macro Injection or Formula Injection) exists in the Export Of Contacts feature in Ozeki NG SMS Gateway through 4.17.6 via a value that is mishandled in a CSV export.

DrunkenShells/Disclosures

Public Disclosures

GitHub