Csv Injection In Instant Developer Foundation 25.0 Poc
Sign in to watchSource repositories
CVEs (1)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-60852 | Med | 0.42 | 6.5 | 0.00 | Oct 23, 2025 | A CSV Injection vulnerability existed in Instant Developer Foundation versions prior to 25.0.9600. Applications built with affected versions of the framework did not properly sanitize user-controlled input before including it in CSV exports. This issue could lead to code execution on the system where the exported CSV file is opened. |