A CSV Injection vulnerability was discovered in HRSALE...
High severity
Unreviewed
Published
May 13, 2022
to the GitHub Advisory Database
•
Updated Feb 1, 2023
Description
Published by the National Vulnerability Database
May 1, 2018
Published to the GitHub Advisory Database
May 13, 2022
Last updated
Feb 1, 2023
A CSV Injection vulnerability was discovered in HRSALE The Ultimate HRM v1.0.2 that allows a user with low level privileges to inject a command that will be included in the exported CSV file, leading to possible code execution.
References