CVE-2019-19676
CVE-2019-19676 affects arxes-tolina 3.0.0. The issue is CSV injection: if an attacker supplies data containing formula code in columns Kundennummer, Firma, Street, PLZ, Ort, Zahlziel, or Bemerkung, a malicious user can create a name containing code that may be exploited when the data is saved/ope...