Vendor of the product: Axosoft LLC Product name: Axosoft Scrum and Bug Tracking Version: 22.1.1.11545 Affected Component: Tickets Discoverer: Nakul Singh Vulnerability Name CSV Injection Description Axosoft contains a CSV injection vulnerability which allows an attacker to perform remote code execution. A low privileged attacker can edit ticket and inject payload in the title field. When an administrator accesses the tickets list and exports the data in CSV and opens the file, the payload gets executed and attacker gets reverse shell of the admin's machine. Impact The impact of a CSV injection vulnerability can be severe as an attacker could exploit the vulnerability to execute arbitrary code, compromise sensitive data, or manipulate the behaviour of the application. If the infected file opened in spreadsheet software, it triggers the execution of malicious commands. This could result in unauthorized access, data leakage, or other malicious activities, posing a significant risk to the security and integrity of the affected system. Mitigation To prevent CSV injection vulnerabilities, it is essential to implement proper input validation and sanitization measures. Developers should validate user input to ensure that it conforms to expected formats and does not include any malicious content. Additionally, special characters, especially those with special meaning in CSV files (such as equals sign, plus sign, etc.), should be properly escaped or sanitized. CVSS CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H