Get tailored security recommendations from our analyst team for CVE-2020-10780. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

Red Hat CloudForms 4.7 and 5 is affected by CSV Injection flaw, a crafted payload stays dormant till a victim export as CSV and opens the file with Excel. Once the victim opens the file, the formula executes, triggering any number of possible events. While this is strictly not an flaw that affects the application directly, attackers could use the loosely validated parameters to trigger several attack possibilities.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

References

https://bugzilla.redhat.com/show_bug.cgi?id=1847794

https://access.redhat.com/security/cve/cve-2020-10780

Published: 2020-08-11T13:32:24

Last Modified: 2024-08-04T11:14:15.599Z

Copied to clipboard!

CVE-2020-10780

Expert Analysis

Description

Available Exploits

Related News

References

Request Analysis

What to expect

Request Received!