Phpspreadsheet@3.0.0 Security Vulnerabilities and Issues — Phpspreadsheet@3.0.0 CVE List

Lucene search

PhpofficePhpspreadsheet3.0.0

3 matches found

CVE•added 2025/01/20 4:15 p.m.•58 views

CVE-2025-22131

PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. Cross-Site Scripting (XSS) vulnerability in the code which translates the XLSX file into a HTML representation and displays it in the response.

6.1CVSS5.7AI score0.00026EPSS

CVE•added 2025/01/03 6:15 p.m.•48 views

CVE-2024-56411

PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. Versions prior to 3.7.0, 2.3.5, 2.1.6, and 1.29.7 have a cross-site scripting (XSS) vulnerability of the hyperlink base in the HTML page header. The HTML page is formed without sanitizing the hyperlink base. Versions 3.7.0, ...

5.4CVSS5.5AI score0.00098EPSS

CVE•added 2025/01/03 6:15 p.m.•46 views

CVE-2024-56412

PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. Versions prior to 3.7.0, 2.3.5, 2.1.6, and 1.29.7 are vulnerable to bypass of the cross-site scripting sanitizer using the javascript protocol and special characters. An attacker can use special characters, so that the libra...

5.4CVSS6AI score0.00098EPSS