0.001 Low
EPSS
Percentile
28.6%
cfme is vulnerable to CSV injection. The orchestration templates allow attackers to inject arbitrary CSV content such as formulas and exfiltrate data or further exploit other vulnerabilities.
access.redhat.com/documentation/en-us/red_hat_cloudforms/5.0/html/release_notes
access.redhat.com/errata/RHSA-2020:3358
access.redhat.com/security/cve/cve-2020-10780
access.redhat.com/security/updates/classification/#critical
bugzilla.redhat.com/show_bug.cgi?id=1847794