In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, exported CSV files could contain characters that a spreadsheet program could interpret as a command, leading to execution of a malicious string locally on a device, aka CSV injection.
The product saves user-provided information into a Comma-Separated Value (CSV) file, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as a command when the file is opened by a spreadsheet product.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Mahara | Mahara | * | 20.04.5 (excluding) |
Mahara | Mahara | 20.10.0 (including) | 20.10.3 (excluding) |
Mahara | Mahara | 21.04.0 (including) | 21.04.2 (excluding) |
Mahara | Mahara | 21.10.0-rc1 (including) | 21.10.0-rc1 (including) |
Mahara | Mahara | 21.10.0-rc2 (including) | 21.10.0-rc2 (including) |
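
The neutralization that the weakness description says is missing can be applied at export time. The following is an added example, not Mahara's actual fix and not code from this advisory; `neutralize_cell`, `export_csv` and the sample rows are hypothetical names and constructed data, and the trigger-character list follows OWASP's CSV injection guidance.

```python
import csv
import io

# Characters that make a spreadsheet treat a cell as a formula when they
# appear first (list taken from OWASP's CSV injection guidance).
FORMULA_CHARS = ("=", "+", "-", "@")
CONTROL_CHARS = ("\t", "\r")


def neutralize_cell(value):
    """Return a value that a spreadsheet shows as text instead of evaluating."""
    if isinstance(value, (int, float)):
        return value  # typed numbers such as -5 are not user-supplied text
    text = "" if value is None else str(value)
    # Assumption (conservative): a trigger preceded only by whitespace is
    # treated the same as a trigger in first position.
    if text.startswith(CONTROL_CHARS) or text.lstrip().startswith(FORMULA_CHARS):
        return "'" + text  # leading apostrophe forces text interpretation
    return text


def export_csv(rows):
    """Serialize rows with every field quoted and every cell neutralized."""
    buf = io.StringIO()
    # QUOTE_ALL also doubles embedded quotes, so user data containing
    # commas or quotes cannot break out into a new cell.
    writer = csv.writer(buf, quoting=csv.QUOTE_ALL, lineterminator="\r\n")
    for row in rows:
        writer.writerow([neutralize_cell(cell) for cell in row])
    return buf.getvalue()


# Constructed sample export: benign formulas stand in for user-provided input.
SAMPLE_ROWS = [
    ["username", "display name", "score"],
    ["alice", "Alice Example", 12],
    ["bob", "=1+1", -5],
    ["carol", "  @SUM(A1:A2)", 0],
    ["dave", 'Dave "D", Jr.', 3],
]

if __name__ == "__main__":
    print(export_csv(SAMPLE_ROWS), end="")
```

The apostrophe prefix also changes legitimate text that starts with a trigger character, such as a phone number written as `+44 ...`, so consumers that re-import the CSV need to strip it again.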