CSV Export Command Execution Vulnerability

CSV Export Command Execution Vulnerability

CVE-2015-5349 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

The CSV export in Apache LDAP Studio and Apache Directory Studio before 2.0.0-M10 does not properly escape field values, which might allow attackers to execute arbitrary commands by leveraging a crafted LDAP entry that is interpreted as a formula when imported into a spreadsheet.

Learn more about our Cis Benchmark Audit For Apache Http Server.