4 matches found
CVE-2024-56409
PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. Versions prior to 3.7.0, 2.3.5, 2.1.6, and 1.29.7 are vulnerable to unauthorized reflected cross-site scripting in the Currency.php file. Using the /vendor/phpoffice/phpspreadsheet/samples/Wizards/NumberFormat/Currency.php...
CVE-2024-56409 PhpSpreadsheet vulnerable to unauthorized reflected XSS in Currency.php file
PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. Versions prior to 3.7.0, 2.3.5, 2.1.6, and 1.29.7 are vulnerable to unauthorized reflected cross-site scripting in the Currency.php file. Using the /vendor/phpoffice/phpspreadsheet/samples/Wizards/NumberFormat/Currency.php...
CVE-2024-56409 PhpSpreadsheet vulnerable to unauthorized reflected XSS in Currency.php file
PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. Versions prior to 3.7.0, 2.3.5, 2.1.6, and 1.29.7 are vulnerable to unauthorized reflected cross-site scripting in the Currency.php file. Using the /vendor/phpoffice/phpspreadsheet/samples/Wizards/NumberFormat/Currency.php...
CVE-2024-56409
CVE-2024-56409 concerns PhpSpreadsheet, a PHP library for spreadsheet handling. The vulnerability affects the vulnerable component in the Currency.php sample, where the currency parameter is not sanitized, allowing an unauthorized reflected cross-site scripting (XSS) attack when an attacker submi...