Description CSV Injection was discovered in ProjectSend before r1053, affecting victims who import the data into Microsoft Excel. Remediation References CVE-2018-7201 Related Vulnerabilities WordPress Plugin Comment Extra Fields 'cef-upload.php' Arbitrary File Upload (1.7) Oracle Application Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2002-2347) WebLogic CVE-2018-3197 Vulnerability (CVE-2018-3197) Python Integer Overflow or Wraparound Vulnerability (CVE-2016-5636) WordPress Plugin Myftp SQL Injection (2.0) Severity High Classification CVE-2018-7201 CWE-1236 Tags Missing Update Known Vulnerabilities