CSV Injection vulnerability identified in the reporting modules.

Issue #285 new
Adam
created an issue

After performing Twitter OSINT on a user with a specific malicious payload as a username, the resulting CSV and XLSX reports can be created with poisoned data.

Attached is the writeup encrypted with LanMaster53's public key.

Comments (0)

  1. Log in to comment