phpList Improper Neutralization of Formula Elements in a CSV File Vulnerability - CVE-2021-3188 - Vulnerability Database

phpList Improper Neutralization of Formula Elements in a CSV File Vulnerability - CVE-2021-3188

Critical

Reference: CVE-2021-3188

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2021-3188

Title: phpList Improper Neutralization of Formula Elements in a CSV File Vulnerability

Overview:

phpList 3.6.0 allows CSV injection related to the email parameter and /lists/admin/ exports.