CVE-2020-29023

LOW Year: 2020
CVSS v3 Score
3.5
Low
CVSS v2 Score
4.9
Medium
Weakness Type
CWE-116
View all →

Vulnerability Description

Improper Encoding or Escaping of Output from CSV Report Generator of Secomea GateManager allows an authenticated administrator to generate a CSV file that may run arbitrary commands on a victim's computer when opened in a spreadsheet program (like Excel). This issue affects: Secomea GateManager all versions prior to 9.3.

Related Vulnerabilities

CVE-2023-3190

LOW
CVSS:3.5(Low)

Improper Encoding or Escaping of Output in GitHub repository nilsteampassnet/teampass prior to 3.0.9.

CWE-1162023

CVE-2024-47531

LOW
CVSS:3.5(Low)

Scout is a web-based visualizer for VCF-files. Due to the lack of sanitization in the filename, it is possible bypass intended file extension and make users download malicious files with any extension...

CWE-1162024

CVE-2025-23377

LOW
CVSS:3.4(Low)

Dell PowerProtect Data Manager Reporting, version(s) 19.17, 19.18 contain(s) an Improper Encoding or Escaping of Output vulnerability. A high privileged attacker with local access could potentially ex...

CWE-1162025

CVE-2021-20405

LOW
CVSS:3.1(Low)

IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a user to perform unauthorized activities due to improper encoding of output. IBM X-Force ID: 196183.

CWE-1162021

CVE-2020-4282

LOW
CVSS:3.0(Low)

IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, and 1.0.5 could allow an authenticated user to perform unauthorized actions by bypassing illegal character restrictions. X-Forc...

CWE-1162020

CVE-2020-4850

MEDIUM
CVSS:4.0(Medium)

IBM Spectrum Scale 1.1.1.0 through 1.1.8.4 Transparent Cloud Tiering could allow a remote attacker to obtain sensitive information, caused by the leftover files after configuration. IBM X-Force ID: 19...

CWE-1162020