CVE-2023-33410

Published
View on NVD ↗
CVSS v3
8.8
HIGH
CVSS v2
N/A
Affected
2
PROJECTS

Description

Minical 1.0.0 and earlier contains a CSV injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on the Customer Name field in the Accounting module that is used to construct a CSV file.

minical/minical
minical/minicalUNAVAILABLE
Minical is an open-source PMS with extension management baked-in. It's designed for the companies looking for highly customizable property management software.
GitHubGitHub
233
Thirukrishnan/CVE-2023-33410
Thirukrishnan/CVE-2023-33410
GitHubGitHub