MantisBT: master-2.25 7f4534c7
| Author | Committer | Branch | Timestamp | Parent |
|---|---|---|---|---|
| dregad | dregad | master-2.25 | 2021-10-29 06:33 | master-2.25 f983c35c |
| Affected Issues | 0029130: CVE-2021-43257: CSV Injection with CSV Export Feature | |||
| Changeset | Escape strings to prevent CSV injection Prefixing the string with a tab when it starts with =, -, + or @. Thanks to Devendra Bhatla for reporting the issue. Fixes 0029130, CVE-2021-43257 |
|||
| mod - core/csv_api.php | Diff File | |||
