Name of the Vulnerable Software and Affected Versions Inventree versions prior to 0.8.0 Inventree versions 0.7.x prior to 0.7.2

Description The issue arises from insufficient sanitization of datasets exported to files, such as CSV or XLS, which can lead to potential formula injection. Users who export untrusted data are advised to open the files in safe mode, for example, in Microsoft Excel.

Recommendations For Inventree versions prior to 0.8.0, update to version 0.8.0 or later to resolve the issue. For Inventree versions 0.7.x, update to version 0.7.2 or later to resolve the issue. As a temporary workaround, consider opening exported files in safe mode until a patch is applied.