Lucene search

26 matches found

NVD
added 2019/11/07 3:15 p.m. | 27 views

CVE-2019-12331

PHPOffice PhpSpreadsheet before 1.8.0 has an XXE issue. The XmlScanner decodes the sheet1.xml from an .xlsx to UTF-8 if something other than UTF-8 is declared in the header. This was a security measure to prevent CVE-2018-19277, but the fix is not sufficient. By double-encoding the xml...

CVSS 8.8 | AI score 8.7 | EPSS 0.0135
Exploits: 4 | References: 2
OSV
added 2019/11/07 3:15 p.m. | 18 views

CVE-2019-12331

PHPOffice PhpSpreadsheet before 1.8.0 has an XXE issue. The XmlScanner decodes the sheet1.xml from an .xlsx to UTF-8 if something other than UTF-8 is declared in the header. This was a security measure to prevent CVE-2018-19277, but the fix is not sufficient. By double-encoding the xml...

CVSS 8.8 | AI score 6.7
Exploits: 0 | References: 2
Prion
added 2019/11/07 3:15 p.m. | 21 views

XXE

PHPOffice PhpSpreadsheet before 1.8.0 has an XXE issue. The XmlScanner decodes the sheet1.xml from an .xlsx to UTF-8 if something other than UTF-8 is declared in the header. This was a security measure to prevent CVE-2018-19277, but the fix is not sufficient. By double-encoding the xml...

CVSS 6.8 | AI score 8.6 | EPSS 0.07791
Exploits: 5 | References: 2 | Affected Software: 1
CVE
added 2019/11/07 2:3 p.m. | 80 views

CVE-2019-12331

PHPOffice PhpSpreadsheet before 1.8.0 contains an XXE flaw in the XML handling of sheet1.xml. The XmlScanner decodes sheet1.xml to UTF-8 when a non-UTF-8 encoding is declared, and an attacker can double-encode payloads in UTF-7 to bypass the string check for , enabling XML External Entity (XXE) p...

CVSS 8.8 | AI score 8.4 | EPSS 0.0135
Exploits: 4 | References: 2 | Affected Software: 1
Cvelist
added 2019/11/07 2:3 p.m. | 24 views

CVE-2019-12331

PHPOffice PhpSpreadsheet before 1.8.0 has an XXE issue. The XmlScanner decodes the sheet1.xml from an .xlsx to UTF-8 if something other than UTF-8 is declared in the header. This was a security measure to prevent CVE-2018-19277, but the fix is not sufficient. By double-encoding the xml...

AI score 8.6 | EPSS 0.0135
Exploits: 4 | References: 2
Veracode
added 2017/03/13 3:37 a.m. | 21 views

Denial Of Service (DoS)

Apache Xerces2 is vulnerable to Denial-of-Service (DoS) attacks. The vulnerability exists in XMLScanner.java in Apache Xerces2 Java due to the way it handles malformed XML input. A malicious user can create an XML file with an invalid literal, or add a high surrogate character to cause the infinite...

CVSS 5 | AI score 4.9 | EPSS 0.3038
Exploits: 2 | References: 65 | Affected Software: 23