6 matches found
CVE-2025-22131
PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. Cross-Site Scripting XSS vulnerability in the code which translates the XLSX file into a HTML representation and displays it in the response...
CVE-2025-22131
PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. Cross-Site Scripting XSS vulnerability in the code which translates the XLSX file into a HTML representation and displays it in the response...
CVE-2025-22131
PhpSpreadsheet CVE-2025-22131 is an XSS in generateNavigation() during XLSX-to-HTML conversion when sheet names are not escaped for multi-sheet files. Affects PhpSpreadsheet versions prior to 2.2.2, 2.1.2, and 1.29.4; PoCs exist showing cookie-exfiltration via HTML navigation. Root cause: unsanit...
CVE-2025-22131 Cross-Site Scripting (XSS) vulnerability in generateNavigation() function
PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. Cross-Site Scripting XSS vulnerability in the code which translates the XLSX file into a HTML representation and displays it in the response...
CVE-2025-22131 Cross-Site Scripting (XSS) vulnerability in generateNavigation() function
PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. Cross-Site Scripting XSS vulnerability in the code which translates the XLSX file into a HTML representation and displays it in the response...
CVE-2025-22131 Cross-Site Scripting (XSS) vulnerability in generateNavigation() function
PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. Cross-Site Scripting XSS vulnerability in the code which translates the XLSX file into a HTML representation and displays it in the response...