Lucene search
K

4 matches found

NVD
NVD
added 2024/12/12 8:15 p.m.81 views

CVE-2024-55878

SimpleXLSX is software for parsing and retrieving data from Excel XLSx files. Starting in version 1.0.12 and prior to version 1.1.12, when calling the extended toHTMLEx method, it is possible to execute arbitrary JavaScript code. Version 1.1.12 fixes the issue. As a workaround, don't use direct...

6.8CVSS0.00452EPSS
Exploits0References2
CVE
CVE
added 2024/12/12 7:20 p.m.64 views

CVE-2024-55878

The CVE-2024-55878 entry affects SimpleXLSX (PHP library for parsing Excel XLSX files). The vulnerability lies in the extended toHTMLEx method, exploited when calling toHTMLEx in versions 1.0.12 through 1.1.11, allowing arbitrary JavaScript execution (XSS) in affected contexts. Impact is elevated...

6.8CVSS6.9AI score0.00452EPSS
Exploits0References2
OSV
OSV
added 2024/12/12 7:20 p.m.30 views

CVE-2024-55878 Cross-site Scripting vulnerability in SimpleXLSXEx::readXfs and SimpeXLSX::toHTMLEx

SimpleXLSX is software for parsing and retrieving data from Excel XLSx files. Starting in version 1.0.12 and prior to version 1.1.12, when calling the extended toHTMLEx method, it is possible to execute arbitrary JavaScript code. Version 1.1.12 fixes the issue. As a workaround, don't use direct...

6.8CVSS7.1AI score0.00452EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/12/12 7:20 p.m.10 views

CVE-2024-55878 Cross-site Scripting vulnerability in SimpleXLSXEx::readXfs and SimpeXLSX::toHTMLEx

SimpleXLSX is software for parsing and retrieving data from Excel XLSx files. Starting in version 1.0.12 and prior to version 1.1.12, when calling the extended toHTMLEx method, it is possible to execute arbitrary JavaScript code. Version 1.1.12 fixes the issue. As a workaround, don't use direct...

6.8CVSS7.4AI score0.00452EPSS
Exploits0References2
Rows per page
Query Builder