Name of the Vulnerable Software and Affected Versions:

PowerCMS (affected versions not specified)

Description:

Multiple versions of PowerCMS improperly neutralize formula elements within a CSV file. A malicious user can create a crafted CSV entry. If a victim user downloads and opens this file in their environment, the embedded code may be executed.

Recommendations:

At the moment, there is no information about a newer version that contains a fix for this vulnerability.