18 matches found
EUVD-2023-31862
Malicious code in bioql PyPI...
EUVD-2023-0772
Malicious code in bioql PyPI...
CVE-2023-28151
An issue was discovered in Independentsoft JSpreadsheet before 1.1.110. The API is prone to XML external entity XXE injection via a remote DTD in a DOCX file...
CVE-2022-48115
The dropdown menu in jspreadsheet before v4.6.0 was discovered to be vulnerable to cross-site scripting XSS...
CVE-2023-28151
An issue was discovered in Independentsoft JSpreadsheet before 1.1.110. The API is prone to XML external entity XXE injection via a remote DTD in a DOCX file...
CVE-2023-28151
An issue was discovered in Independentsoft JSpreadsheet before 1.1.110. The API is prone to XML external entity XXE injection via a remote DTD in a DOCX file...
Xxe
An issue was discovered in Independentsoft JSpreadsheet before 1.1.110. The API is prone to XML external entity XXE injection via a remote DTD in a DOCX file...
Independentsoft JSpreadsheet 代码问题漏洞
Independentsoft JSpreadsheet is a Microsoft Excel-compatible API for Java and Android from Independentsoft, Germany. A security vulnerability exists in Independentsoft JSpreadsheet versions prior to 1.1.110, which stems from the API's susceptibility to XML External Entity XXE injection via a remo...
CVE-2023-28151
CVE-2023-28151 affects Independentsoft JSpreadsheet before 1.1.110. The issue is an XML External Entity (XXE) injection via a remote DTD in a DOCX file, arising from the API behavior. Public detail confirms the vulnerable component as JSpreadsheet’s API and the root cause as XXE in DOCX processin...
CVE-2023-28151
An issue was discovered in Independentsoft JSpreadsheet before 1.1.110. The API is prone to XML external entity XXE injection via a remote DTD in a DOCX file...
PT-2023-21597 · Independentsoft · Jspreadsheet
Name of the Vulnerable Software and Affected Versions: Independentsoft JSpreadsheet versions prior to 1.1.110 Description: An issue was discovered in the API, which is prone to XML external entity XXE injection via a remote DTD in a DOCX file. Recommendations: For versions prior to 1.1.110, updat...
GHSA-Q82H-Q47J-F492 Cross-site Scripting in jspreadsheet
The dropdown menu in jspreadsheet before v4.6.0 was discovered to be vulnerable to cross-site scripting XSS...
Cross-site Scripting in jspreadsheet
The dropdown menu in jspreadsheet before v4.6.0 was discovered to be vulnerable to cross-site scripting XSS...
CVE-2022-48115
The dropdown menu in jspreadsheet before v4.6.0 was discovered to be vulnerable to cross-site scripting XSS...
Jspreadsheet CE 跨站脚本漏洞
Jspreadsheet CE is Jspreadsheet open source a lightweight javascript plugin . Used to create web-based interactive tables and spreadsheets compatible with other spreadsheet software . A security vulnerability exists in Jspreadsheet CE versions prior to v4.6.0, which stems from a cross-site...
CVE-2022-48115
The dropdown menu in jspreadsheet before v4.6.0 was discovered to be vulnerable to cross-site scripting XSS...
CVE-2022-48115
CVE-2022-48115 affects jspreadsheet CE prior to 4.6.0, with a cross-site scripting (XSS) vulnerability in the dropdown/menu code path. Root cause identified as insufficient sanitization/handling in the dropdown implementation, enabling attacker-controlled input to execute scripts in a victim’s br...
CVE-2022-48115
The dropdown menu in jspreadsheet before v4.6.0 was discovered to be vulnerable to cross-site scripting XSS...