Vulnerability Database

316,882

Total vulnerabilities in the database

CVE-2019-11819

Alkacon OpenCMS v10.5.4 and before is affected by CSV (aka Excel Macro) Injection in the module New User (/opencms/system/workplace/admin/accounts/user_new.jsp) via the First Name or Last Name.

Published: May 8, 2019
Updated: Nov 9, 2025
CVE: CVE-2019-11819
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-1236

Affected Software
References

Software	From	Fixed in
alkacon / opencms	-	10.5.4.x

https://github.com/alkacon/opencms-core/issues/636
https://www.openwall.com/lists/oss-security/2019/05/05/2

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo