2 matches found
CVE-2022-26249
Survey King v0.3.0 does not filter data properly when exporting excel files, allowing attackers to execute arbitrary code or access sensitive information via a CSV injection attack...
CVE-2022-26249
Survey King v0.3.0 is affected by a CSV/Excel export data-filtering flaw that allows injection of data into exported files, enabling arbitrary code execution or access to sensitive information. The issue arises from improper data filtering during Excel export (CSV injection vector), as described ...