18 matches found
EUVD-2023-31862
Malicious code in bioql PyPI...
EUVD-2023-0772
Malicious code in bioql PyPI...
CVE-2023-28151
An issue was discovered in Independentsoft JSpreadsheet before 1.1.110. The API is prone to XML external entity XXE injection via a remote DTD in a DOCX file...
CVE-2022-48115
The dropdown menu in jspreadsheet before v4.6.0 was discovered to be vulnerable to cross-site scripting XSS...
CVE-2023-28151
An issue was discovered in Independentsoft JSpreadsheet before 1.1.110. The API is prone to XML external entity XXE injection via a remote DTD in a DOCX file...
CVE-2023-28151
An issue was discovered in Independentsoft JSpreadsheet before 1.1.110. The API is prone to XML external entity XXE injection via a remote DTD in a DOCX file...
Xxe
An issue was discovered in Independentsoft JSpreadsheet before 1.1.110. The API is prone to XML external entity XXE injection via a remote DTD in a DOCX file...
CVE-2023-28151
CVE-2023-28151 affects Independentsoft JSpreadsheet before 1.1.110. The issue is an XML External Entity (XXE) injection via a remote DTD in a DOCX file, arising from the API behavior. Public detail confirms the vulnerable component as JSpreadsheet’s API and the root cause as XXE in DOCX processin...
Independentsoft JSpreadsheet 代码问题漏洞
Independentsoft JSpreadsheet is a Microsoft Excel-compatible API for Java and Android from Independentsoft, Germany. A security vulnerability exists in Independentsoft JSpreadsheet versions prior to 1.1.110, which stems from the API's susceptibility to XML External Entity XXE injection via a remo...
CVE-2023-28151
An issue was discovered in Independentsoft JSpreadsheet before 1.1.110. The API is prone to XML external entity XXE injection via a remote DTD in a DOCX file...
PT-2023-21597 · Independentsoft · Jspreadsheet
Name of the Vulnerable Software and Affected Versions: Independentsoft JSpreadsheet versions prior to 1.1.110 Description: An issue was discovered in the API, which is prone to XML external entity XXE injection via a remote DTD in a DOCX file. Recommendations: For versions prior to 1.1.110, updat...
Cross-site Scripting in jspreadsheet
The dropdown menu in jspreadsheet before v4.6.0 was discovered to be vulnerable to cross-site scripting XSS...
GHSA-Q82H-Q47J-F492 Cross-site Scripting in jspreadsheet
The dropdown menu in jspreadsheet before v4.6.0 was discovered to be vulnerable to cross-site scripting XSS...
CVE-2022-48115
The dropdown menu in jspreadsheet before v4.6.0 was discovered to be vulnerable to cross-site scripting XSS...
CVE-2022-48115
The dropdown menu in jspreadsheet before v4.6.0 was discovered to be vulnerable to cross-site scripting XSS...
CVE-2022-48115
CVE-2022-48115 affects jspreadsheet CE prior to 4.6.0, with a cross-site scripting (XSS) vulnerability in the dropdown/menu code path. Root cause identified as insufficient sanitization/handling in the dropdown implementation, enabling attacker-controlled input to execute scripts in a victim’s br...
CVE-2022-48115
The dropdown menu in jspreadsheet before v4.6.0 was discovered to be vulnerable to cross-site scripting XSS...
Jspreadsheet CE 跨站脚本漏洞
Jspreadsheet CE is Jspreadsheet open source a lightweight javascript plugin . Used to create web-based interactive tables and spreadsheets compatible with other spreadsheet software . A security vulnerability exists in Jspreadsheet CE versions prior to v4.6.0, which stems from a cross-site...