Application Security, Technology

Exploiting ‘Export as CSV’ functionality:The road to CSV Injection

Many applications provide an option to download some data as a CSV file. More often than not, this downloaded data is user controlled data. For instance, take the scenario where an administrator can export the data of all the users as a CSV file. The fields in the file include the details filled by the users. So technically, the...

by Nikhit Kumar
Tag: formula injection