PT-2025-43514 · Unknown · Instant Developer Foundation
Published
2025-10-23
·
Updated
2025-10-23
·
CVE-2025-60852
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Instant Developer Foundation versions prior to 25.0.9600
Description
A CSV Injection issue existed in the software. Applications built with affected versions did not properly sanitize user-controlled input before including it in CSV exports. This could lead to code execution on the system where the exported CSV file is opened.
Recommendations
Update to version 25.0.9600 or later.
Exploit
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Instant Developer Foundation