Security Bulletin: CSV Injection (CVE-2019-4490)
Nov 14, 2019 7:00 pm EST
Categorized: High Severity
Share this post:
Maliciously crafted data in UCD could generate a malicious csv download file, when opened with certain unpactched 3rd party tools.
Affected product(s) and affected version(s):
Affected Product(s) | Version(s) |
UCD – IBM UrbanCode Deploy | All |
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/1107249
from IBM Product Security Incident Response Team https://ift.tt/2NN7B55