Vulnerabilities > CVE-2018-7201 - Improper Neutralization of Formula Elements in a CSV File vulnerability in Projectsend

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

NVD

Published: 2019-05-22

Updated: 2020-08-24

Summary

CSV Injection was discovered in ProjectSend before r1053, affecting victims who import the data into Microsoft Excel.

Part	Description	Count
Application	Projectsend Projectsend Projectsend 100 Projectsend Projectsend 102 Projectsend Projectsend 105 Projectsend Projectsend 110 Projectsend Projectsend 155 Projectsend Projectsend 156 Projectsend Projectsend 157 Projectsend Projectsend 161 Projectsend Projectsend 180 Projectsend Projectsend 335 Projectsend Projectsend 375 Projectsend Projectsend 405 Projectsend Projectsend 412 Projectsend Projectsend 514 Projectsend Projectsend 559 Projectsend Projectsend 561 Projectsend Projectsend 582 Projectsend Projectsend 753 Projectsend Projectsend 754 Projectsend Projectsend 756	20