Apache · Apache Ldap Studio · CVE-2015-5349
**Name of the Vulnerable Software and Affected Versions**
Apache LDAP Studio and Apache Directory Studio versions prior to 2.0.0-M10
**Description**
The issue concerns the CSV export functionality, which fails to properly escape field values. This could allow attackers to execute arbitrary commands by crafting a specific LDAP entry that is interpreted as a formula when imported into a spreadsheet.
**Recommendations**
For versions prior to 2.0.0-M10, update to version 2.0.0-M10 or later to resolve the issue.