CVE-2025-60852 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A CSV Injection vulnerability existed in Instant Developer Foundation versions prior to 25.0.9600. Applications built with affected versions of the framework di…
Medium CVSS: 6.5

CVE-2025-60852

A CSV Injection vulnerability existed in Instant Developer Foundation versions prior to 25.0.9600. Applications built with affected versions of the framework did not properly sanitize user-controlled input before including it in CSV exports. This issue could lead to code execution on the system where the exported CSV file is opened.
Vendor
-
Product
-
CWE
CWE-1236
Yayın Tarihi
2025-10-23 14:15:42
Güncelleme
2025-10-27 13:20:33
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-1236 MEDIUM 2025

Referanslar

https://doc.instantdeveloper.com/eng/default.aspx?artid=a6c69034-d1ee-4057-b19d-40505151ec8e&lang=eng https://github.com/valeriocassoni/CSV-Injection-in-Instant-Developer-Foundation-25.0-PoC https://instantdeveloper.com/lp/cloud-freelance/index.html