CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 1CVE-2020-7776 – Cross-site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2020-7776
This affects the package phpoffice/phpspreadsheet from 0.0.0. The library is vulnerable to XSS when creating an html output from an excel file by adding a comment on any cell. The root cause of this issue is within the HTML writer where user comments are concatenated as part of link and this is returned as HTML. A fix for this issue is available on commit 0ed5b800be2136bcb8fa9c1bdf59abc957a98845/master branch. Esto afecta al paquete phpoffice/phpspreadsheet desde la versión 0.0.0. • https://github.com/PHPOffice/PhpSpreadsheet/blob/master/src/PhpSpreadsheet/Writer/Html.php%23L1792 https://github.com/PHPOffice/PhpSpreadsheet/commit/0ed5b800be2136bcb8fa9c1bdf59abc957a98845 https://snyk.io/vuln/SNYK-PHP-PHPOFFICEPHPSPREADSHEET-1048856 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2019-12331
https://notcve.org/view.php?id=CVE-2019-12331
PHPOffice PhpSpreadsheet before 1.8.0 has an XXE issue. The XmlScanner decodes the sheet1.xml from an .xlsx to utf-8 if something else than UTF-8 is declared in the header. This was a security measurement to prevent CVE-2018-19277 but the fix is not sufficient. By double-encoding the the xml payload to utf-7 it is possible to bypass the check for the string ‚<!ENTITY‘ and thus allowing for an xml external entity processing (XXE) attack. • https://github.com/PHPOffice/PhpSpreadsheet/blob/master/CHANGELOG.md#180---2019-07-01 https://herolab.usd.de/security-advisories/usd-2019-0046 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 8.8EPSS: 2%CPEs: 1EXPL: 2CVE-2018-19277 – PhpSpreadsheet < 1.5.0 - XML External Entity (XXE)
https://notcve.org/view.php?id=CVE-2018-19277
securityScan() in PHPOffice PhpSpreadsheet through 1.5.0 allows a bypass of protection mechanisms for XXE via UTF-7 encoding in a .xlsx file securityScan() en PHPOffice PhpSpreadsheet hasta la versión 1.5.0 permite la omisión de los mecanismos de protección de XEE (XML External Entity) mediante el cifrado UTF-7 en un archivo .xlsx. • https://www.exploit-db.com/exploits/46050 https://github.com/MewesK/TwigSpreadsheetBundle/issues/18 https://github.com/PHPOffice/PhpSpreadsheet/issues/771 https://www.bishopfox.com/news/2018/11/phpoffice-versions https://www.drupal.org/sa-contrib-2021-043 • CWE-91: XML Injection (aka Blind XPath Injection) •