0.001 Low
EPSS
Percentile
37.3%
exceljs is vulnerable to cross-site scripting (XSS) attacks. The library does not properly sanitize the cells in the table, allowing a malicious user to inject and execute arbitrary Javascript.
github.com/guyonroche/exceljs/commit/9066cd89a9fad055166b53ce9e75a42e7636bac1
hackerone.com/reports/356809