6 matches found
EUVD-2023-31862
Malicious code in bioql PyPI...
CVE-2023-28151
An issue was discovered in Independentsoft JSpreadsheet before 1.1.110. The API is prone to XML external entity XXE injection via a remote DTD in a DOCX file...
CVE-2023-28151
An issue was discovered in Independentsoft JSpreadsheet before 1.1.110. The API is prone to XML external entity XXE injection via a remote DTD in a DOCX file...
CVE-2023-28151
CVE-2023-28151 affects Independentsoft JSpreadsheet before 1.1.110. The issue is an XML External Entity (XXE) injection via a remote DTD in a DOCX file, arising from the API behavior. Public detail confirms the vulnerable component as JSpreadsheet’s API and the root cause as XXE in DOCX processin...
CVE-2023-28151
An issue was discovered in Independentsoft JSpreadsheet before 1.1.110. The API is prone to XML external entity XXE injection via a remote DTD in a DOCX file...
PT-2023-21597 · Independentsoft · Jspreadsheet
Name of the Vulnerable Software and Affected Versions: Independentsoft JSpreadsheet versions prior to 1.1.110 Description: An issue was discovered in the API, which is prone to XML external entity XXE injection via a remote DTD in a DOCX file. Recommendations: For versions prior to 1.1.110, updat...