CVE Daily

CVE-2019-16959

SolarWinds Web Help Desk 12.7.0 allows CSV Injection, also known as Formula Inje...

Medium CVSS 6.5

Overview

SolarWinds Web Help Desk 12.7.0 allows CSV Injection, also known as Formula Injection, via a file attached to a ticket.

CWE: CWE-1236 Published: 2020-12-21T16:15:12.977
Risk analysis

This vulnerability is rated 🟡 MEDIUM.

  • CVSS: 6.5 (MEDIUM)
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags