CVE-2020-25170

Summary

An Excel Macro Injection vulnerability exists in the export feature in the B. Braun OnlineSuite Version AP 3.0 and earlier via multiple input fields that are mishandled in an Excel export.

Affected Software

VendorProductVersion RangeStatus
B. Braun Melsungen AGOnlineSuiteAP <= 3.0affected

Weaknesses

  • CWE-1236: IMPROPER NEUTRALIZATION OF FORMULA ELEMENTS IN A CSV FILE CWE-1236

ADP Enrichment

CVE Program Container

Additional References

References