CSV Formula Injection

Another common security issue which is found these days is CSV injection(CSV - Comma Separated Value). Recently I came across a web application which had this bug and I could not stop myself from writing this blogpost.

Approach

What made me to test CSV Injection

Below are few features which made me think to test for CSV injection issue

  • Export Functionality in the web application
  • Export as CSV format
  • User input being exported into the CSV

To Read Complete Blog Click here 🙌

Pankaj Mouriya
Pankaj Mouriya
Security Analyst | AWS Certified Security - Specialty

I Workout, Diving Deep into K8s, AWS Security My Specialty, Find Bugs in Web Applications and drink lots of coffee.