PT-2024-22268 · Microsoft · Office Excel

Iodn · Published 2024-03-06 · Updated 2024-03-07 · CVE-2024-28111

CVSS v3.1: 6.5 Medium

Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Canarytokens versions prior to sha-c595a1f8

Description

The generation of CSV files for incident history in Canarytokens is vulnerable to a CSV Injection issue. This can be exploited by an attacker who discovers an HTTP-based Canarytoken, targeting the owner if they export the incident history to CSV and open it in a reader like Microsoft Excel. The impact of this issue could lead to code execution on the machine where the CSV file is opened.

Recommendations

For versions prior to sha-c595a1f8, update to version sha-c595a1f8 to resolve the issue. As a temporary workaround, consider avoiding the export of incident history to CSV or refrain from opening such files in reader applications until the update is applied.
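
For teams that maintain their own CSV exports of request-derived data, the following added example (not code from this advisory or from the Canarytokens project, and not a reproduction of its fix) shows the general mitigation for this class of issue: neutralizing cells that begin with a formula trigger character before they are written, plus an audit helper for existing exports. The field names and sample incidents are constructed assumptions, and the trigger list follows the commonly cited OWASP CSV Injection guidance.

```python
import csv
import io

# Leading characters that spreadsheet applications treat as the start of a
# formula (per the OWASP CSV Injection guidance).
FORMULA_TRIGGERS = ("=", "+", "-", "@", "\t", "\r")


def neutralize_cell(value):
    """Return value as text that a spreadsheet will not evaluate as a formula."""
    text = "" if value is None else str(value)
    # Check the first non-space character: some readers trim leading spaces
    # before deciding whether a cell is a formula.
    if text.lstrip(" ").startswith(FORMULA_TRIGGERS):
        return "'" + text
    return text


def export_incidents(incidents, fieldnames):
    """Write incident dicts to CSV text with every cell neutralized and quoted."""
    buf = io.StringIO()
    writer = csv.writer(buf, quoting=csv.QUOTE_ALL, lineterminator="\n")
    writer.writerow(fieldnames)
    for incident in incidents:
        writer.writerow([neutralize_cell(incident.get(name)) for name in fieldnames])
    return buf.getvalue()


def risky_cells(csv_text):
    """Audit helper: list (row, column, value) for cells that still start a formula."""
    hits = []
    for r, row in enumerate(csv.reader(io.StringIO(csv_text))):
        for c, cell in enumerate(row):
            if cell.lstrip(" ").startswith(FORMULA_TRIGGERS):
                hits.append((r, c, cell))
    return hits


# Constructed sample incidents; field names are assumptions, not Canarytokens' schema.
FIELDS = ["time", "src_ip", "useragent"]
SAMPLE = [
    {"time": "2024-03-06 10:00:00", "src_ip": "198.51.100.7", "useragent": "Mozilla/5.0"},
    {"time": "2024-03-06 10:05:00", "src_ip": "198.51.100.9", "useragent": "=1+1"},
    {"time": "2024-03-06 10:06:00", "src_ip": "198.51.100.9", "useragent": "  @SUM(1,1)"},
]

if __name__ == "__main__":
    print(export_incidents(SAMPLE, FIELDS))
```

`risky_cells` can also be run over a CSV produced by an unpatched exporter to flag rows that should not be opened in a spreadsheet application.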

Exploit

Fix

RCE

Weakness Enumeration

Related Identifiers

CVE-2024-28111
GHSA-FQH6-V4QP-65FV

Affected Products

Office Excel