Security: PHPOffice/PhpSpreadsheet
Security
No security policy detected
This project has not set up a SECURITY.md file yet.
Report a vulnerability-
XXE in PHPSpreadsheet's XLSX readerGHSA-6hwr-6v2f-3m88 published
Oct 7, 2024 by oleibmanHigh -
Absolute path traversal and Server-Side Request Forgery when opening XLSX fileGHSA-5gpr-w2p5-6m37 published
Oct 7, 2024 by oleibmanHigh -
Absolute path traversal and Server-Side Request Forgery in HTML writer when embedding images is enabledGHSA-w9xv-qf98-ccq4 published
Oct 7, 2024 by oleibmanModerate -
PhpSpreadsheet HTML writer is vulnerable to Cross-Site Scripting via style informationGHSA-wgmf-q9vr-vww6 published
Aug 28, 2024 by oleibmanModerate -
PhpSpreadsheet HTML writer is vulnerable to Cross-Site Scripting via JavaScript hyperlinksGHSA-r8w8-74ww-j4wh published
Oct 7, 2024 by oleibmanModerate -
XXE in PHPSpreadsheet encoding is returnedGHSA-ghg6-32f9-2jp7 published
Aug 28, 2024 by oleibmanHigh -
Unauthenticated Cross-Site-Scripting (XSS) in sample fileGHSA-v66g-p9x6-v98p published
Oct 6, 2024 by oleibmanHigh
Learn more about advisories related to PHPOffice/PhpSpreadsheet in the GitHub Advisory Database