Code Injection Vulnerability in Centers for Disease Control and Prevention MicrobeTRACE 0.1.12

Code Injection Vulnerability in Centers for Disease Control and Prevention MicrobeTRACE 0.1.12

CVE-2018-9113 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

Centers for Disease Control and Prevention MicrobeTRACE 0.1.12 allows remote attackers to execute arbitrary code, related to code injection via a crafted CSV file with an initial '><script type="text/javascript" src=' line. Fix released on 2018-03-29.

Learn more about our Web Application Penetration Testing UK.