July 2019 Event - Export to RCE

Date/Time: July 17, 2019, 6:30 PM to 8:30 PM EDT
Location: Room 128 (on the first floor near the library), St. James Campus - Building A, George Brown College, 200 King Street East, Toronto, ON, M5A 3W8

Presentation summary:

Export to RCE

Often web applications will allow users to export data within CSV files. Without proper output sanitization, poisoned CSV files can be created leading to remote code execution when they're opened. This presentation assumes no prior knowledge with CSV injection and will focus on all aspects of the vulnerability (how it works, how to prevent the issue, and more).

Presenter bio:

Adam Greenhill is a senior security consultant at Security Compass. He enjoys staying up to date with the latest security trends and researching new aspects of the industry. Adam is an active member of the security community and has presented at BSides Toronto, OWASP Toronto, Toronto's Cyber Security Meetup, and Sheridan College's ISSessions.