4 matches found
CVE-2024-48917
PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. The XmlScanner class has a scan method which should prevent XXE attacks. However, in a bypass of the previously reported CVE-2024-47873, the regexes from the findCharSet method, which is used for determining the current...
CVE-2024-48917 XXE in PHPSpreadsheet's XLSX reader
PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. The XmlScanner class has a scan method which should prevent XXE attacks. However, in a bypass of the previously reported CVE-2024-47873, the regexes from the findCharSet method, which is used for determining the current...
CVE-2024-48917 XXE in PHPSpreadsheet's XLSX reader
PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. The XmlScanner class has a scan method which should prevent XXE attacks. However, in a bypass of the previously reported CVE-2024-47873, the regexes from the findCharSet method, which is used for determining the current...
CVE-2024-48917
creationtimestamp| type| source ---|---|--- 2024-11-16 00:08:05+00:00| published-proof-of-concept| https://github.com/PHPOffice/PhpSpreadsheet/security/advisories/GHSA-7cc9-j4mv-vcjp 2024-11-18 19:52:20+00:00| seen| https://infosec.exchange/users/cve/statuses/113505700408685113 2024-11-18...