CVE-2023-3302: Improper Neutralization of Formula Elements in a CSV File

June 23, 2023 (updated June 30, 2023)

Improper Neutralization of Formula Elements in a CSV File in GitHub repository admidio/admidio prior to 4.2.9.

References

github.com/admidio/admidio/commit/c87a7074a1a73c4851263060afd76aa4d5b6415f
github.com/advisories/GHSA-hm75-8w6h-4f8f
huntr.dev/bounties/5e18619f-8379-464a-aad2-65883bb4e81a
nvd.nist.gov/vuln/detail/CVE-2023-3302

Code Behaviors & Features

Detect and mitigate CVE-2023-3302 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →