Vulnerabilities > CVE-2022-46821 - Improper Neutralization of Formula Elements in a CSV File vulnerability in Jackmail 1.2.22

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

jackmail

CWE-1236

NVD

Published: 2023-11-07

Updated: 2023-11-16

Summary

Improper Neutralization of Formula Elements in a CSV File vulnerability in Jackmail & Sarbacane Emails & Newsletters with Jackmail.This issue affects Emails & Newsletters with Jackmail: from n/a through 1.2.22.

Vulnerable Configurations

Part	Description	Count
Application	Jackmail Jackmail Jackmail 1.2.22	1

Common Weakness Enumeration (CWE)

CWE-1236 - Improper Neutralization of Formula Elements in a CSV File

References

https://patchstack.com/database/vulnerability/jackmail-newsletters/wordpress-emails-newsletters-with-jackmail-plugin-1-2-22-csv-injection?_s_id=cve