CVE-2025-54752 Information
Aug 01, 2025
cve
Description
Multiple versions of PowerCMS improperly neutralize formula elements in a CSV file. If a product user creates a malformed entry and a victim user downloads it as a CSV file and opens it in the user’s environment the embedded code may be executed.
Reference
https://jvn.jp/en/vu/JVNVU93412964/ https://www.powercms.jp/news/release-powercms-671-531-461.html
Related CNNVD
CNNVD-202507-3871 (Published: 2025-07-31)
Share on: