EUVD-2024-3611

Malicious code in bioql PyPI...

EUVD-2024-3522

Malicious code in bioql PyPI...

CVE-2024-56364

SimpleXLSX is software for parsing and retrieving data from Excel XLSx files. Starting in 1.0.12 and ending in 1.1.13, when calling the extended toHTMLEx method, it is possible to execute arbitrary JavaScript code. This vulnerability is fixed in 1.1.13...

CVE-2024-55878

SimpleXLSX is software for parsing and retrieving data from Excel XLSx files. Starting in version 1.0.12 and prior to version 1.1.12, when calling the extended toHTMLEx method, it is possible to execute arbitrary JavaScript code. Version 1.1.12 fixes the issue. As a workaround, don't use direct...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the toHTMLEx method due to improper input sanitization. An attacker can execute arbitrary JavaScript code by injecting malicious scripts into the input data processed by this method. Details Cross-site...

SimpleXLSX 跨站脚本漏洞

SimpleXLSX is a tool by the individual developer Sergey Shuchkin. It is used to parse and retrieve data from Excel XLSx files. A cross-site scripting vulnerability exists in SimpleXLSX versions 1.0.12 through 1.1.13 that stems from the potential execution of arbitrary JavaScript code when using t...

PT-2024-9826 · Unknown · Simplexlsx

Name of the Vulnerable Software and Affected Versions: SimpleXLSX versions 1.0.12 through 1.1.13 Description: The issue is related to the execution of arbitrary JavaScript code when calling the extended toHTMLEx method in SimpleXLSX. This can allow a remote attacker to execute arbitrary JavaScrip...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS through the toHTMLEx method. An attacker can execute arbitrary JavaScript code by injecting malicious input. Details Cross-site scripting or XSS is a code vulnerability that occurs when an attacker “injects” a...

CVE-2024-55878 Cross-site Scripting vulnerability in SimpleXLSXEx::readXfs and SimpeXLSX::toHTMLEx

SimpleXLSX is software for parsing and retrieving data from Excel XLSx files. Starting in version 1.0.12 and prior to version 1.1.12, when calling the extended toHTMLEx method, it is possible to execute arbitrary JavaScript code. Version 1.1.12 fixes the issue. As a workaround, don't use direct...

CVE-2024-55878

The CVE-2024-55878 entry affects SimpleXLSX (PHP library for parsing Excel XLSX files). The vulnerability lies in the extended toHTMLEx method, exploited when calling toHTMLEx in versions 1.0.12 through 1.1.11, allowing arbitrary JavaScript execution (XSS) in affected contexts. Impact is elevated...

SimpleXLSX 跨站脚本漏洞

SimpleXLSX is a tool by the individual developer Sergey Shuchkin. It is used to parse and retrieve data from Excel XLSx files. A cross-site scripting vulnerability exists in SimpleXLSX version 1.0.12 up to and including version 1.1.12, which stems from the execution of arbitrary JavaScript code...

PT-2024-36597 · Unknown · Simplexlsx

Name of the Vulnerable Software and Affected Versions: SimpleXLSX versions 1.0.12 through 1.1.12 Description: The issue allows for the execution of arbitrary JavaScript code when calling the extended toHTMLEx method. This can be exploited in versions prior to 1.1.12. The estimated number of...