Skip to content

Adopt OWASP CSV Injection Sanitization Guideline

CSV file when opened in Spreadsheet will start interpreting values that start with its special conventional marker like (= as FORUMLA)

To ensure interpretation of cell as value OWASP recommends to prefix quote (') for special values.

https://owasp.org/www-community/attacks/CSV_Injection