Instant Developer Foundation CSV Injection Vulnerability
Vulnerability
A CSV injection vulnerability has been identified in Instant Developer Foundation versions prior to 25.0.9600. Applications built with the affected versions do not sanitize user-controlled values before writing them into CSV exports. A value that begins with a formula trigger character is therefore interpreted as a formula rather than as text when the exported file is opened in spreadsheet software such as Microsoft Excel or LibreOffice Calc; in Excel this can be escalated to command execution on the machine of the user who opens the file.
Impact
Exploitation of this vulnerability could allow local command execution on the victim's workstation via Excel's Dynamic Data Exchange (DDE) feature, as well as data exfiltration and manipulation of the data shown within the spreadsheet. The attacker only needs write access to a field that ends up in an export; the payload fires when another user opens the file.
Reproduction
To reproduce this vulnerability, insert a payload starting with a plus sign (one of the characters, together with =, - and @, that spreadsheets treat as the start of a formula) into a user-controllable input field of a table that can be exported as CSV. Export the table and open the CSV file in Microsoft Excel or LibreOffice Calc. If using Excel, make sure DDE server launch is enabled: current Excel versions disable it by default and otherwise only show a warning, so the command embedded in the payload will not run until that setting is turned on.
Remediation
Users should update to Instant Developer Foundation version 25.0.9600 or later, where this vulnerability has been fixed. Because the flaw is in the applications built with the affected versions, those applications need to be rebuilt and redeployed with a fixed version for the sanitization to take effect.
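The following is an added example, not code from the advisory or from Instant Developer Foundation, showing the class of defect described above and the fix that CSV exports need. The export function is shown with sanitization switched off (the vulnerable behaviour) and on (prefixing a single quote to cells that start with =, +, -, @ or a control character, as OWASP recommends, and quoting every field so a value cannot break out of its cell). The sample table, the customer names and the DDE-style payload in it are constructed for this illustration; the payload is the textbook shape that starts calc.exe on a Windows host with DDE launch enabled and is not taken from the advisory.

```python
import csv
import io

# Leading characters that make Excel and LibreOffice Calc evaluate a cell as a
# formula instead of displaying it as text.
FORMULA_TRIGGERS = ("=", "+", "-", "@")
# Leading control characters that some importers treat as a field or record
# boundary, which can push the rest of the value into a fresh cell.
CONTROL_TRIGGERS = ("\t", "\r", "\n")


def is_formula_injection(value):
    """Return True if a spreadsheet would evaluate this cell as a formula.

    Leading spaces are ignored because Excel skips them before looking for the
    trigger character.
    """
    if not isinstance(value, str):
        return False
    if value.startswith(CONTROL_TRIGGERS):
        return True
    return value.lstrip(" ").startswith(FORMULA_TRIGGERS)


def sanitize_cell(value):
    """Neutralize a cell by prefixing a single quote (OWASP guidance).

    The quote forces the spreadsheet to treat the content as text and is not
    shown in the cell. Non-string values (numbers, dates) are left untouched.
    """
    if is_formula_injection(value):
        return "'" + value
    return value


def export_csv(rows, sanitize=True):
    """Serialize rows to CSV text.

    sanitize=False reproduces the vulnerable behaviour described in the
    advisory; sanitize=True is the hardened form.
    """
    buf = io.StringIO()
    # QUOTE_ALL wraps every field in double quotes and doubles any embedded
    # double quote, so a value cannot terminate its own cell early.
    writer = csv.writer(buf, quoting=csv.QUOTE_ALL, lineterminator="\n")
    for row in rows:
        writer.writerow([sanitize_cell(c) if sanitize else c for c in row])
    return buf.getvalue()


def find_injected_cells(csv_text):
    """Scan an existing CSV export and return (row, column) positions of cells
    that a spreadsheet would evaluate as formulas.

    Useful for checking files already produced by an affected application.
    """
    hits = []
    for r, row in enumerate(csv.reader(io.StringIO(csv_text))):
        for c, cell in enumerate(row):
            if is_formula_injection(cell):
                hits.append((r, c))
    return hits


# Constructed sample table: the customer name in row 2 is attacker-controlled
# and carries a DDE-style payload of the classic shape. Nothing here is taken
# from the advisory.
SAMPLE_ROWS = [
    ["id", "customer"],
    [1, "Mario Rossi"],
    [2, "+cmd|' /C calc'!A0"],
]

if __name__ == "__main__":
    vulnerable = export_csv(SAMPLE_ROWS, sanitize=False)
    hardened = export_csv(SAMPLE_ROWS)
    print("vulnerable export:\n" + vulnerable)
    print("hardened export:\n" + hardened)
    print("formula cells in vulnerable export:", find_injected_cells(vulnerable))
    print("formula cells in hardened export:", find_injected_cells(hardened))
```

The single-quote prefix is deliberately applied to every string that starts with a trigger character, so phone numbers written as "+39 ..." or negative numbers stored as strings are also turned into text. That is the accepted trade-off for an export meant to be opened in a spreadsheet; an export consumed by another program should keep the raw values and rely on strict quoting instead.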
