According to the report here mholt/PapaParse#793 there's a chance that someone could export a formula in the produced csv and use it as an attack on spreadsheets...
This sounds a bit crazy as:
what if someone actually wanted to output a formula in csv?
it isn't us who's under attack
Anyway Snyk seems to have marked this as a high level, so let's leave it hanging and revisit.
Let's watch this for now and see how the situation develops.
Basics:
According to the report here mholt/PapaParse#793 there's a chance that someone could export a formula in the produced csv and use it as an attack on spreadsheets...
This sounds a bit crazy as:
Anyway Snyk seems to have marked this as a high level, so let's leave it hanging and revisit.
Let's watch this for now and see how the situation develops.