3 matches found
CVE-2023-28151
An issue was discovered in Independentsoft JSpreadsheet before 1.1.110. The API is prone to XML external entity XXE injection via a remote DTD in a DOCX file...
CVE-2023-28151
An issue was discovered in Independentsoft JSpreadsheet before 1.1.110. The API is prone to XML external entity XXE injection via a remote DTD in a DOCX file...
CVE-2023-28151
CVE-2023-28151 affects Independentsoft JSpreadsheet before 1.1.110. The issue is an XML External Entity (XXE) injection via a remote DTD in a DOCX file, arising from the API behavior. Public detail confirms the vulnerable component as JSpreadsheet’s API and the root cause as XXE in DOCX processin...