CVE-2017-18049
In SilverStripe, the CSV export feature is vulnerable to Macro Injection, where output may contain macros or scripts susceptible to execution when opened in software like Microsoft Excel. Affected versions are before 3.5.6, 3.6.x before 3.6.3, and 4.x before 4.0.1; the issue arises from un-saniti...