Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS through the generateRow method. An attacker can execute arbitrary JavaScript code in the user's browser by crafting a malicious XML file that bypasses the XSS sanitizer when processed and rendered as HTML...
Cross-Site Scripting (XSS)
phpoffice/phpspreadsheet is vulnerable to cross-site scripting XSS. The vulnerability is due to improper handling of the javascript protocol and special characters, allowing an attacker to craft malicious links that bypass the sanitizer...
Cross-Site Scripting (XSS)
phpoffice/phpspreadsheet is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to a lack of sanitization in the /vendor/phpoffice/phpspreadsheet/samples/Engineering/Convert-Online.php file, allowing an attacker to inject malicious scripts into web pages viewed by other...
Reflected Cross-Site Scripting (Reflected XSS)
phpoffice/phpspreadsheet is vulnerable to Reflected Cross-Site Scripting Reflected XSS. The vulnerability is due to insufficient input sanitization in the Accounting.php file, which allows an attacker to inject malicious scripts...
Reflected Cross-Site Scripting
phpoffice/phpspreadsheet is vulnerable to Unauthorized Reflected Cross-Site Scripting (Reflected XSS). The vulnerability is due to improper input handling in the Currency.php file, which allows an attacker to inject and execute malicious scripts...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to improper input sanitization of the generateRow parameter in the \Writer\Html class. Remediation There is no fixed version for phpoffice/phpexcel. References - GitHub Commit Credit: Aleksey Solovev...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to improper input sanitization passed through the quantity parameter. PoC (HTML): history.pushState('', '', '/'); document.forms[0].submit(); Remediation There is no fixed version for phpoffice/phpexcel. References -...
PhpSpreadsheet Cross-Site Scripting Vulnerability
PhpSpreadsheet is an open source PHP library from PHPOffice for reading and writing spreadsheet files. PhpSpreadsheet suffers from a cross-site scripting vulnerability that originates from HTML pages formed without cleaning up the hyperlink library, resulting in a cross-site scripting XSS...
Security Bulletin: Multiple Vulnerabilities in IBM API Connect
Summary: Multiple vulnerabilities were addressed in IBM API Connect v10.0.9.0. Vulnerability Details: CVEID: CVE-2024-5535 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a buffer over-read flaw in the SSL_select_next_proto API function when calling with an empty supported client...
XML External Entity (XXE)
phpoffice/phpexcel is vulnerable to an XXE XML External Entity. The vulnerability is due to improper parsing of XML data, which allows attackers to inject external entities and potentially access sensitive files or execute malicious code...
XML External Entity (XXE) Injection
Overview Affected versions of this package are vulnerable to XML External Entity XXE Injection due to the usage of improperly secured regular expressions in the scan and findCharSet methods of the XmlScanner class. By exploiting UCS-4 encoding and encoding guessing techniques, attackers can...
XML External Entity (XXE) Injection
Overview Affected versions of this package are vulnerable to XML External Entity XXE Injection due to the improper handling of XML input. An attacker can exfiltrate sensitive data or cause denial of service. Details XXE Injection is a type of attack against an application that parses XML input. X...
Loft Data Grids - Moderately critical - Multiple vulnerabilities - SA-CONTRIB-2024-054
This module provides serialization formats for use by other modules. The module includes a version of phpoffice/phpspreadsheet which has multiple known security vulnerabilities...
Cross-Site Scripting (XSS)
phpoffice/phpspreadsheet is vulnerable to cross-site scripting (XSS). The vulnerability is due to improper handling of input where a number is expected, allowing an attacker to perform formula injection through direct concatenation of user-supplied parameters into spreadsheet formulas...
Server Side Request Forgery (SSRF)
phpoffice/phpspreadsheet is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to the ability of an attacker to construct an XLSX file that links images from arbitrary paths, which allows for embedding those files as data: URLs and performing unauthorized HTTP GET requests...
PhpSpreadsheet Cross-Site Scripting Vulnerability
PhpSpreadsheet is an open source PHP library from PHPOffice for reading and writing spreadsheet files. A cross-site scripting vulnerability exists in PhpSpreadsheet that stems from improper handling of input...
PhpSpreadsheet Cross-Site Scripting Vulnerability
PhpSpreadsheet is an open source PHP library from PHPOffice for reading and writing spreadsheet files. A cross-site scripting vulnerability exists in PhpSpreadsheet, which stems from the fact that PhpOffice\PhpSpreadsheet\Writer\Html does not clean up "javascript:" in the href attribute of hyperlink...
Pimcore includes vulnerable PHPOffice/PhpSpreadsheet
Summary Pimcore 10.6.x and Enterprise 10.6.x versions currently depend on PHPOffice/PhpSpreadsheet version 1.x, which has recently been identified with a security vulnerability CVE-2024-45048. To mitigate this issue, it is recommended to update to the latest version 2.2.2. For more details, pleas...
GHSA-HQ76-662X-7MW4 Pimcore includes vulnerable PHPOffice/PhpSpreadsheet
Summary Pimcore 10.6.x and Enterprise 10.6.x versions currently depend on PHPOffice/PhpSpreadsheet version 1.x, which has recently been identified with a security vulnerability CVE-2024-45048. To mitigate this issue, it is recommended to update to the latest version 2.2.2. For more details, pleas...
GHSA-GHG6-32F9-2JP7 XXE in PHPSpreadsheet encoding is returned
Summary Bypassing the filter allows an XXE attack, which in turn allows an attacker to obtain the contents of local files, even if error reporting is muted by the @ symbol (LFI attack). Details Check $pattern = '/encoding=".?"/'; it is easy to bypass. Just use a single quote symbol '. So the payload looks like this:...