CVE-2023-53913 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Rukovoditel 3.3.1 contains a CSV injection vulnerability that allows authenticated users to inject malicious formulas into the firstname field. Attackers can cr…
Medium CVSS: 6.2

CVE-2023-53913

Rukovoditel 3.3.1 contains a CSV injection vulnerability that allows authenticated users to inject malicious formulas into the firstname field. Attackers can craft payloads like =calc|a!z| to trigger code execution when an admin exports customer data as a CSV file.
Vendor
Rukovoditel
Product
Rukovoditel
CWE
CWE-1236
Yayın Tarihi
2025-12-17 23:15:49
Güncelleme
2025-12-24 17:55:18
Source Identifier
disclosure@vulncheck.com
KEV Date Added
-

Kategoriler

CWE-1236 Rukovoditel MEDIUM Rukovoditel 2025

Referanslar

https://www.exploit-db.com/exploits/51490 https://www.rukovoditel.net/ https://www.vulncheck.com/advisories/rukovoditel-csv-injection-via-user-account-export https://www.exploit-db.com/exploits/51490