Description CSV Injection was discovered in ProjectSend before r1053, affecting victims who import the data into Microsoft Excel. Remediation References CVE-2018-7201 Related Vulnerabilities WordPress Plugin WP REST API (WP API) Security Bypass (1.2.1) Oracle JRE CVE-2013-2420 Vulnerability (CVE-2013-2420) WordPress Plugin Registration Forms-User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction SQL Injection (3.7.1.5) WordPress Plugin Verification Code for Comments Multiple Cross-Site Scripting Vulnerabilities (2.1.0) PostgreSQL Other Vulnerability (CVE-2002-1399) Severity High Classification CVE-2018-7201 CWE-1236 Tags Missing Update Known Vulnerabilities