Design/Logic Flaw

2020-08-2001:17:00

PRIOn knowledge base

www.prio-n.com

9.1 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.8%

JSON

A CSV injection (aka Excel Macro Injection or Formula Injection) issue in i-doit 1.14.2 allows an attacker to execute arbitrary commands via a Title parameter that is mishandled in a CSV export.

CPENameOperatorVersion
i-doitle1.14.2

CPE	Name	Operator	Version
	i-doit	le	1.14.2

References

www.wizlynxgroup.com/security-research-advisories/vuln/WLX-2020-006