Zuora Platform

Zuora Billing Zuora Payments Zuora Platform Zuora CPQ Zephr Zuora Revenue Accounts Receivable Release Notes Basics Entitlements Support and policies

Zuora Billing Zuora Payments Zuora Platform Zuora CPQ Zephr Zuora Revenue Accounts Receivable Release Notes Basics Entitlements Support and policies

Welcome to Zuora Product Documentation

Explore our rich library of product information

Zuora Platform

Zuora Platform Contents

Overview

System management

Data management

Security and Identity

Administrator settings

Manage your tenant profile

User management

Extensibility

Integration

Data

Behavior when a risky file is uploaded

Describes the blocking of file uploads containing risky formulas to prevent security risks in CSV files.

If the CSV injection setting is set to Block and a user uploads a file containing risky formulas:

The upload is blocked. A message, “Upload failed due to a formula security risk in the file. Please review the file and try again”, is displayed to the users.
The file is not attached to the customer account.
The user must review and clean the file (for example, remove or encode any formulas that begin with characters such as =, +, -, or @) and then upload the updated file again.

This protection prevents CSV files from executing unintended commands when opened in spreadsheet applications.

Last updated: February 9, 2026

zuora-footer