0.001 Low
EPSS
Percentile
37.3%
An unescaped payload in exceljs <v1.6 allows a possible XSS via cell value when worksheet is displayed in browser.
hackerone.com/reports/356809