CSV Injection vulnerability in /members/moremember.pl and /admin/aqbudgets.pl endpoints in Koha Library Management System version 23.05.05 and earlier allows attackers to to inject DDE commands into csv exports via the Budget and Patrons Member components.
References