1 comment

[ 62.6 ms ] story [ 281 ms ] thread
This is annoying. How is this a exploit against Docuwiki, when it's clearly a crafted-CSV exploit against Excel? Did the security researcher raise a CVE against notepad.exe for also being able to generate .CSV files that would provoke this behavior in Excel?

Is it common for researchers to publish obviously-wrong CVEs?