Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

packagist

phpoffice/phpspreadsheet

packagist · PHPSpreadsheet - Read, Create and Write Spreadsheet documents in PHP - Spreadsheet engine · Repository · Package

Security Advisories for phpoffice/phpspreadsheet in packagist

High
about 1 month ago

PhpSpreadsheet vulnerable to SSRF when reading and displaying a processed HTML document in the browser GSA_kwCzR0hTQS1yeDdtLTY4dmMtcHB4aM4ABLZU

packagist phpoffice/phpspreadsheet
Moderate
8 months ago

PhpSpreadsheet allows bypassing of XSS sanitizer using the javascript protocol and special characters GSA_kwCzR0hTQS1yNTdoLTU0N2gtdzI0Zs4ABEF_

packagist phpoffice/phpspreadsheet
Moderate
8 months ago

Cross-Site Scripting (XSS) vulnerability in generateNavigation() function in PhpSpreadsheet GSA_kwCzR0hTQS03OXh4LXZmOTMtcDdjeM4ABDo3

packagist phpoffice/phpspreadsheet
Moderate
9 months ago

PhpSpreadsheet allows bypass XSS sanitizer using the javascript protocol and special characters GSA_kwCzR0hTQS1xOWp2LW1tM3ItajQ3cs4ABC8m

packagist phpoffice/phpspreadsheet
Moderate
9 months ago

PhpSpreadsheet has a Cross-Site Scripting (XSS) vulnerability of the hyperlink base in the HTML page header GSA_kwCzR0hTQS1od2NwLTJoMzUtcDY2d84ABC8l

packagist phpoffice/phpspreadsheet
Moderate
9 months ago

PhpSpreadsheet has a Cross-Site Scripting (XSS) vulnerability in custom properties GSA_kwCzR0hTQS13djIzLTk5NnYtcTIyOc4ABC8k

packagist phpoffice/phpspreadsheet
High
9 months ago

PhpSpreadsheet allows unauthorized Reflected XSS in Currency.php file GSA_kwCzR0hTQS1qMnhnLWNqY3gtNDY3N84ABC8j

packagist phpoffice/phpspreadsheet
High
9 months ago

PhpSpreadsheet allows unauthorized Reflected XSS in the Accounting.php file GSA_kwCzR0hTQS1jNmZ2LTd2aDgtMnJocs4ABC8i

packagist phpoffice/phpspreadsheet
High
9 months ago

PhpSpreadsheet allows unauthorized Reflected XSS in the constructor of the Downloader class GSA_kwCzR0hTQS1qbXB4LTY4NnYtYzN3eM4ABC8h

packagist phpoffice/phpspreadsheet
High
9 months ago

PhpSpreadsheet allows unauthorized Reflected XSS in `Convert-Online.php` file GSA_kwCzR0hTQS14ODhnLWg5NTYtbTV4Z84ABC8c

packagist phpoffice/phpspreadsheet
High
11 months ago

XXE in PHPSpreadsheet's XLSX reader GSA_kwCzR0hTQS03Y2M5LWo0bXYtdmNqcM4ABBeQ

packagist phpoffice/phpspreadsheet
High
11 months ago

XmlScanner bypass leads to XXE GSA_kwCzR0hTQS1qdzR4LXY2OWYtaGg1d84ABBeP

packagist phpoffice/phpspreadsheet
High
12 months ago

XXE in PHPSpreadsheet's XLSX reader GSA_kwCzR0hTQS02aHdyLTZ2MmYtM204OM4ABABf

packagist phpoffice/phpspreadsheet
Moderate
12 months ago

PhpSpreadsheet HTML writer is vulnerable to Cross-Site Scripting via JavaScript hyperlinks GSA_kwCzR0hTQS1yOHc4LTc0d3ctajR3aM4ABABe

packagist phpoffice/phpspreadsheet
Moderate
12 months ago

PhpSpreadsheet allows absolute path traversal and Server-Side Request Forgery in HTML writer when embedding images is enabled GSA_kwCzR0hTQS13OXh2LXFmOTgtY2NxNM4ABABd

packagist phpoffice/phpspreadsheet
High
12 months ago

PhpSpreadsheet allows absolute path traversal and Server-Side Request Forgery when opening XLSX file GSA_kwCzR0hTQS01Z3ByLXcycDUtNm0zN84ABABc

packagist phpoffice/phpspreadsheet
Moderate
12 months ago

PhpSpreadsheet has an Unauthenticated Cross-Site-Scripting (XSS) in sample file GSA_kwCzR0hTQS12NjZnLXA5eDYtdjk4cM4ABAA1

packagist phpoffice/phpspreadsheet
High
about 1 year ago

XXE in PHPSpreadsheet encoding is returned GSA_kwCzR0hTQS1naGc2LTMyZjktMmpwN84AA_B0

packagist phpoffice/phpspreadsheet
Moderate
about 1 year ago

PhpSpreadsheet HTML writer is vulnerable to Cross-Site Scripting via style information GSA_kwCzR0hTQS13Z21mLXE5dnItdnd3Ns4AA_Bz

packagist phpoffice/phpspreadsheet

Filter by Severity

High 10 Moderate 9