4 matches found
CVE-2021-43515
CSV Injection aka Excel Macro Injection or Formula Injection exists in creating new timesheet in Kimai. By filling the Description field with malicious payload, it will be mistreated while exporting to a CSV file...
CVE-2021-43515
CSV Injection aka Excel Macro Injection or Formula Injection exists in creating new timesheet in Kimai. By filling the Description field with malicious payload, it will be mistreated while exporting to a CSV file...
CVE-2021-43515
CSV Injection aka Excel Macro Injection or Formula Injection exists in creating new timesheet in Kimai. By filling the Description field with malicious payload, it will be mistreated while exporting to a CSV file...
CVE-2021-43515
CVE-2021-43515 corresponds to a CSV Injection vulnerability in Kimai 2. The issue arises when creating a new timesheet and entering a payload in the Description field; during CSV export, this input is not sanitized and can be interpreted by spreadsheet programs (e.g., Excel) as formulas or comman...