Tassos Marinos Developer of Joomla Extensions

Convert Forms 2.0.4 security release

Tassos Marinos Tassos Marinos
Last updated on May 14th 2024
Convert Forms 2.0.4 security release

This is a security release which addresses a vulnerability reported by one of our users (Paladion Networks Pvt. Ltd) that could be exploited through the Leads exported CSV file opened with Excel or any other similar programs.

The solution implemented to secure the CSV file is to prefix the row values starting with =, +, - or @ with a tab character. In case though, you're trying to use the CSV file in an app that doesn't automatically strip the tab characters, you can turn this option off in the component's configuration page.

Read more information here: https://vel.joomla.org/articles/2140-introducing-csv-injection

Join over 47.4K

Subscribers to get free Joomla tips, extension updates, and deals!