Description
A flaw was found in moodle. This formula injection vulnerability occurs when data fields are exported without proper escaping. A remote attacker could exploit this by providing malicious data that, when exported and opened in a spreadsheet, allows arbitrary formulas to execute. This can lead to compromised data integrity and unintended operations within the spreadsheet.
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2009-1993 Vulnerability (CVE-2009-1993)
WordPress Plugin 2 Click Social Media Buttons 'xing-url' Parameter Cross-Site Scripting (0.32.2)
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17305)
WordPress Plugin Translate WordPress-Google Language Translator Cross-Site Scripting (5.0.05)