Pornhub: CSV Macro injection in Video Manager (CEMI)

2016-05-11T13:42:39
ID H1:137850
Type hackerone
Reporter awake
Modified 2016-06-22T15:50:31

Description

Missing character escaping in video title delivery of an executable CSV payload to when exporting stats to file.