CVE-2025-66834

Description

A CSV Formula Injection vulnerability in TrueConf Server v5.5.2.10813 allows a normal user to inject malicious spreadsheet formulas into exported chat logs via crafted Display Name.

PUBLISHED Reserved 2025-12-08 | Published 2025-12-30 | Updated 2025-12-30 | Assigner mitre

References

trueconf.com

github.com/...-References/blob/main/CVE-2025-66834/README.md

cve.org (CVE-2025-66834)

nvd.nist.gov (CVE-2025-66834)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.