Description CSV Injection was discovered in ProjectSend before r1053, affecting victims who import the data into Microsoft Excel. Remediation References CVE-2018-7201 Related Vulnerabilities WordPress Plugin WP Server Health Stats Cross-Site Scripting (1.6.10) WordPress Plugin Caret Country Access Limit Cross-Site Scripting (1.0.1) osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-4271) Apache Tomcat Incorrect Default Permissions Vulnerability (CVE-2020-8022) PHP Resource Management Errors Vulnerability (CVE-2011-1148) Severity High Classification CVE-2018-7201 CWE-1236 Tags Missing Update Known Vulnerabilities