Description CSV Injection was discovered in ProjectSend before r1053, affecting victims who import the data into Microsoft Excel. Remediation References CVE-2018-7201 Related Vulnerabilities WordPress Plugin Interactive Geo Maps Cross-Site Scripting (1.5.8) WordPress Plugin WordPress Photo Gallery by Gallery Bank SQL Injection (3.0.101) WordPress Plugin Cherry Cross-Site Scripting (1.2.8.1) Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-14169) Envoy Proxy Use of Incorrectly-Resolved Name or Reference Vulnerability (CVE-2019-9901) Severity High Classification CVE-2018-7201 CWE-1236 Tags Missing Update Known Vulnerabilities