Unauthenticated CSV Injection in NetSkope

Overview :
CSV injection in netskope Admin UI (Version 75.0)
Affected Product(s) :
  • Netskope 75.0
Vulnerability Details :
CVE ID : CVE-2020-28845
A CSV injection vulnerability in the Admin portal for Netskope 75.0 allows an unauthenticated user to inject malicious payload in admin’s portal thus leads to compromise admin’s system.

Solution :

This Vulnerability has been fixed now in the latest version of NetSkope

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2022-27535 : KASPERSKY VPN SECURE CONNECTION UP TO 21.5 ON WINDOWS DENIAL OF SERVICE

CVE-2022-27535 : KASPERSKY VPN SECURE CONNECTION UP TO 21.5 ON WINDOWS DENIAL OF SERVICE

Description Kaspersky VPN Secure Connection for Windows version up to 21.5 was vulnerable to arbitrary file deletion via abuse of

CVE-2022-32965 : OMICARD EDM HARD-CODED CREDENTIALS

CVE-2022-32965 : OMICARD EDM HARD-CODED CREDENTIALS

Description OMICARD EDM has a hard-coded machine key. An unauthenticated remote attacker can use the machine key to send serialized

CVE-2022-34619 : MEALIE 0.5.5 SHOPPING LISTS ITEM NAMES CROSS SITE SCRIPTING

CVE-2022-34619 : MEALIE 0.5.5 SHOPPING LISTS ITEM NAMES CROSS SITE SCRIPTING

Description A stored cross-site scripting (XSS) vulnerability in Mealie v0.5.5 allows attackers to execute arbitrary web scripts or HTML via