Skip to content
Better HN
Top
Best
Ask
Show
New
Jobs
Search
⌘K
0 points
captn3m0
8y ago
0 comments
Save
Share
Were you generating CSVs or importing them?
0 comments
1 comments · 1 top-level
top
newest
oldest
e1g
8y ago
Generating CSV/Excel extracts, which included the user's first name and feedback comments verbatim - thus creating 2 injection points for malicious formulas.
j
/
k
navigate · click thread line to collapse
