Description CSV Injection was discovered in ProjectSend before r1053, affecting victims who import the data into Microsoft Excel. Remediation References CVE-2018-7201 Related Vulnerabilities Nexus Repository Manager Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-12100) WordPress Other Vulnerability (CVE-2007-0107) Highcharts JS Incorrect Regular Expression Vulnerability (CVE-2018-20801) WordPress Plugin GiveWP-Donation and Fundraising Platform SQL Injection (2.5.0) Oracle Database Server CVE-2015-4921 Vulnerability (CVE-2015-4921) Severity High Classification CVE-2018-7201 CWE-1236 Tags Missing Update Known Vulnerabilities