Vulnerabilities > CVE-2022-29315 - Improper Neutralization of Formula Elements in a CSV File vulnerability in Invicti Acunetix

047910
CVSS 9.3 - CRITICAL
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
invicti
CWE-1236
critical

Summary

Invicti Acunetix before 14 allows CSV injection via the Description field on the Add Targets page, if the Export CSV feature is used.

Vulnerable Configurations

Part Description Count
Application
Invicti
1