Description/Reproduction:

A CSV injection vulnerability exists in Quepid. If a query contains a CSV injection payload, and a user exports and opens the case containing the query, they may be exploited. Possible attacks include code execution, data theft or phishing. A malicious query could come from an imported CSV file using the "Import Ratings" function, or from a user adding a query to the case. An example malicious CSV file which could be imported is:

```
query,docid,rating
star wars,3574597,3
=cmd|' /C notepad'!'A1',55,5
```

The CSV injection payload `=cmd|' /C notepad'!'A1'` could also be added as a query to the case.

Recommendation:

Prevent the following characters from appearing at the start of a cell:

- Equals (`=`)
- Plus (`+`)
- Minus (`-`)
- At (`@`)

In addition, consider alerting administrators and users when malicious input is detected. Looking for any of these characters directly after a comma in the CSV file and placing a quote at the beginning of such cells could help fix this issue.

References: https://owasp.org/www-community/attacks/CSV_Injection
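One way to implement the recommendation above on the export path, written here as an added example in Ruby (Quepid is a Rails application) and not code from the Quepid project. The helper names (`formula_like?`, `sanitize_cell`, `export_csv`, `suspicious_cells`) and the sample rows are constructed for this example. Besides the four characters named in the report it also treats a leading tab or carriage return as a formula trigger, following the OWASP page referenced above, and it deliberately leaves plain numbers such as `-5` untouched so that real ratings are not turned into text; that exemption is a design choice of this example, not something the report asks for.

```ruby
require 'csv'

# Characters that make a spreadsheet interpret a cell as a formula when they
# appear at the start of the cell: the four from the report plus tab and
# carriage return from the OWASP CSV Injection page.
FORMULA_TRIGGERS = ['=', '+', '-', '@', "\t", "\r"].freeze

# Plain integers or decimals, optionally signed. These are left alone so that
# a negative rating is still imported as a number (example design choice).
NUMERIC = /\A[-+]?\d+(\.\d+)?\z/

# Constructed sample: the rows from the report plus one more suspicious query.
SAMPLE_ROWS = [
  ['query', 'docid', 'rating'],
  ['star wars', '3574597', '3'],
  ["=cmd|' /C notepad'!'A1'", '55', '5'],
  ['@mention query', '77', '4']
].freeze

# True when the cell would be read as a formula by a spreadsheet.
def formula_like?(value)
  str = value.to_s
  return false if str.empty? || NUMERIC.match?(str)
  FORMULA_TRIGGERS.include?(str[0])
end

# Neutralise a single cell: a leading single quote makes the spreadsheet treat
# the whole cell as literal text. Non-formula cells are returned unchanged.
# Ruby's CSV library adds the surrounding double quotes and doubles embedded
# quotes when the field needs it, so that is not repeated here.
def sanitize_cell(value)
  str = value.to_s
  formula_like?(str) ? "'" + str : str
end

# Generate the export with every cell passed through sanitize_cell.
def export_csv(rows)
  CSV.generate do |csv|
    rows.each { |row| csv << row.map { |cell| sanitize_cell(cell) } }
  end
end

# Detection side of the recommendation: list [row, column, value] for every
# formula-like cell so the application can alert administrators and users.
def suspicious_cells(rows)
  found = []
  rows.each_with_index do |row, r|
    row.each_with_index do |cell, c|
      found << [r, c, cell.to_s] if formula_like?(cell)
    end
  end
  found
end

if __FILE__ == $PROGRAM_NAME
  puts export_csv(SAMPLE_ROWS)
  suspicious_cells(SAMPLE_ROWS).each do |r, c, v|
    warn "formula-like cell at row #{r}, column #{c}: #{v.inspect}"
  end
end
```

The same `formula_like?` check can be applied on the "Import Ratings" path before a query is stored, so that the alert fires at the point the payload enters the case rather than only when it is exported.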