First published: Wed May 22 2019(Updated: )
CSV Injection was discovered in ProjectSend before r1053, affecting victims who import the data into Microsoft Excel.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Projectsend Projectsend | <1053 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of this CSV Injection vulnerability is CVE-2018-7201.
The severity of CVE-2018-7201 is high with a CVSS score of 8.8.
CVE-2018-7201 affects ProjectSend version up to (but excluding) r1053.
Victims who import the data into Microsoft Excel are affected by CVE-2018-7201.
Yes, a fix is available for CVE-2018-7201. Users should update to a version beyond r1053.