Description CSV Injection was discovered in ProjectSend before r1053, affecting victims who import the data into Microsoft Excel. Remediation References CVE-2018-7201 Related Vulnerabilities SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17304) WordPress Plugin Download Plugin Unspecified Vulnerability (1.6.1) WordPress Plugin Page Builder:KingComposer-Free Drag and Drop page builder by King-Theme Arbitrary File Upload (2.7.4) WordPress Plugin All In One Schema.org Rich Snippets Cross-Site Scripting (1.4.4) WordPress Plugin ProPlayer SQL Injection (4.7.9.1) Severity High Classification CVE-2018-7201 CWE-1236 Tags Missing Update Known Vulnerabilities