You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Due to not properly filtered user input in versions prior to 1.19.23.5325 a CSV export of a report could contain cells that are treated as formulas by spreadsheet software (for example, when a cell value starts with an equal sign).
Patches
Fixed in version 1.19.23.5325. Update Time Tracker to version 1.19.23.5325 or later,
muffyhub Analyst
Impact
Due to not properly filtered user input in versions prior to 1.19.23.5325 a CSV export of a report could contain cells that are treated as formulas by spreadsheet software (for example, when a cell value starts with an equal sign).
Patches
Fixed in version 1.19.23.5325. Update Time Tracker to version 1.19.23.5325 or later,
Workarounds
No.
References
https://owasp.org/www-community/attacks/CSV_Injection