Multiple CSV Injection Vulnerabilities in WeCube Platform 3.2.2

Multiple CSV Injection Vulnerabilities in WeCube Platform 3.2.2

CVE-2022-37786 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

An issue was discovered in WeCube Platform 3.2.2. There are multiple CSV injection issues: the [Home / Admin / Resources] page, the [Home / Admin / System Params] page, and the [Home / Design / Basekey Configuration] page.

Learn more about our Web Application Penetration Testing UK.