Headline
CVE-2023-3302: Excel export could lead to execute apps #1433 · Admidio/admidio@c87a707
Improper Neutralization of Formula Elements in a CSV File in GitHub repository admidio/admidio prior to 4.2.9.
Expand Up @@ -233,7 +233,9 @@ public function convertColumnContentForOutput(int $columnNumber, string $format,
// format value for csv export if ($format === ‘csv’) { $outputContent = $content; $content = preg_replace("/\t/", "\\t", $content); $content = preg_replace("/\r?\n/", "\\n", $content); $outputContent = preg_replace("/^[@=±]/", "#", $content); } // pdf should show only text and not much html content elseif ($format === ‘pdf’) { Expand Down
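Review bot: the character class in `preg_replace("/^[@=±]/", "#", $content)` reads as `@`, `=` and `±` here, so a cell starting with a plain `+` or `-` would not be rewritten; list both signs explicitly (escaped or placed so `-` is not read as a range) and confirm the file encoding has not merged them. The pattern is also anchored with `^` and no whitespace allowance, so a value with a leading space before the trigger character passes through unchanged; trimming or matching optional leading whitespace would close that. The first `$outputContent = $content;` is overwritten by the last line of the block and can be dropped. Replacing the first character with `#` also alters the exported value, so a short comment stating that this loss is intended would help the next reader.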
Related news
GHSA-hm75-8w6h-4f8f: Admidio Improper Neutralization of Formula Elements in a CSV File vulnerability
Admidio prior to 4.2.9 is vulnerable to Improper Neutralization of Formula Elements in a CSV File.