2 matches found
CVE-2022-25646
All versions of package x-data-spreadsheet are vulnerable to Cross-site Scripting XSS due to missing sanitization of values inserted into the cells...
Cross-site Scripting (XSS)
Overview x-data-spreadsheet is an a javascript xpreadsheet Affected versions of this package are vulnerable to Cross-site Scripting XSS due to missing sanitization of values inserted into the cells. PoC: Insert payload into a cell. Example payload: html " Details Cross-site scripting or XSS is a...