Apache Fesod 安全漏洞

Apache Fesod is a high-performance spreadsheet file reading and writing library developed by the Apache Foundation in the United States. Versions of Apache Fesod prior to 2.0.2-incubating contained security vulnerabilities. These vulnerabilities were caused by a request forgeing issue in the...

Cross-site Scripting (XSS)

Overview phpoffice/phpspreadsheet is a Spreadsheet engine that Read, Create and Write Spreadsheet documents in PHP . Affected versions of this package are vulnerable to Cross-site Scripting XSS in the HTML export process when handling custom number format codes containing the @ text placeholder. ...

EUVD-2025-25699

Malicious code in bioql PyPI...

The vulnerability of the generateRow() function in the PHP Spreadsheet library allows attackers to perform cross-site scripting attacks.

The vulnerability of the generateRow function in the PHP Spreadsheet library is related to the lack of protective measures for web page structures. Exploiting this vulnerability allows an attacker to perform cross-site scripting attacks remotely...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the href attributes in hyperlinks due to improper sanitization of "javascript:" URLs. An attacker can inject malicious scripts that are executed in the context of the user's browser by crafting malicious...

GHSA-X5CW-843F-R366 x-data-spreadsheet through 1.1.9 vulnerable to Cross-site Scripting

All versions of package x-data-spreadsheet are vulnerable to Cross-site Scripting XSS due to missing sanitization of values inserted into the cells...

CVE-2020-26828

SAP Disclosure Management, version - 10.1, provides capabilities for authorized users to upload and download content of specific file type. In some file types it is possible to enter formulas which can call external applications or execute scripts. The execution of a payload script on target...