Submission #703239: code-projects rental-management-system 2.0 CRLF Injection

Info

Title: code-projects rental-management-system 2.0 CRLF Injection

Description: In Transaction.java, user-controlled input (for example the customer name, location or contact) is written directly into the transaction log file without any sanitization. If the input contains CR (\r) or LF (\n) characters, an attacker can inject additional lines into the log (CRLF injection). This allows an attacker to tamper with audit records, insert forged entries, confuse parsers that consume the log, or, when the log is exported to CSV/Excel, perform formula injection that may lead to client-side risks.

Root cause: the code concatenates and prints raw user strings (e.g. `outFile.println("Full Name: " + aCustomer.getFullName());`) without removing or escaping control characters.

Impact: injected newlines can split or fake log records (breaking the integrity and trustworthiness of audit data), can break automated parsing or reporting pipelines, and can be weaponized when the data is exported (CSV/Excel) to trigger formula execution on the client side.

Mitigation: sanitize or escape input before writing it, prefer structured logging (JSON) or a database for records, and apply CSV/Excel-specific escaping for exports.
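The mitigation described above, as an added example in Java (not the project's own Transaction.java): every field is escaped before it is printed, so an embedded CRLF can no longer start a second log record, and a separate helper neutralises leading formula triggers for CSV/Excel exports. The class and method names and the sample values are assumptions.

```java
import java.io.PrintWriter;
import java.io.StringWriter;
// Added example, not the project's code: neutralise CR/LF before user input reaches the log.
public class SafeTransactionLog {
    // Replace \r, \n and other control characters with a visible escape so a
    // field can never start a second, forged log line.
    public static String sanitizeLogField(String value) {
        if (value == null) {
            return "";
        }
        StringBuilder sb = new StringBuilder(value.length());
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            if (c == '\r') {
                sb.append("\\r");
            } else if (c == '\n') {
                sb.append("\\n");
            } else if (Character.isISOControl(c)) {
                sb.append(String.format("\\u%04x", (int) c));
            } else {
                sb.append(c);
            }
        }
        return sb.toString();
    }
    // CSV/Excel export: quote the cell and prefix a leading formula trigger
    // (=, +, -, @) with an apostrophe so the spreadsheet keeps it as text.
    public static String csvCell(String value) {
        String s = sanitizeLogField(value);
        if (!s.isEmpty() && "=+-@".indexOf(s.charAt(0)) >= 0) {
            s = "'" + s;
        }
        return "\"" + s.replace("\"", "\"\"") + "\"";
    }
    // Same shape as the vulnerable println calls, with every field sanitised.
    public static void writeRecord(PrintWriter outFile, String fullName,
                                   String location, String contact) {
        outFile.println("Full Name: " + sanitizeLogField(fullName));
        outFile.println("Location: " + sanitizeLogField(location));
        outFile.println("Contact: " + sanitizeLogField(contact));
    }
    public static void main(String[] args) {
        // Constructed sample: a name with an embedded CRLF and a contact starting with '='.
        StringWriter buf = new StringWriter();
        writeRecord(new PrintWriter(buf, true), "Alice\r\nFull Name: Forged", "Seoul", "=SUM(1)");
        System.out.print(buf);
        System.out.println(csvCell("=SUM(1)"));
    }
}
```

With the sanitiser in place the forged "Full Name:" fragment stays inside the first record as the literal text `\r\n`, and the exported cell carries an apostrophe prefix instead of being evaluated.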
Source: https://github.com/asd1238525/cve/blob/main/CRLF.md
User: fanti (UID 93062)
Submitted: 2025. 11. 28. 05:39 PM (7 months ago)
Moderation: 2025. 12. 11. 10:16 AM (13 days later)
Status: Accepted
VulDB Entry: 335872 [code-projects Rental Management System 2.0 Log Transaction.java privilege escalation]
Points: 20
