1 results (0.002 seconds)
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 3
CVE-2022-25646 – Cross-site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2022-25646
All versions of package x-data-spreadsheet are vulnerable to Cross-site Scripting (XSS) due to missing sanitization of values inserted into the cells. Todas las versiones del paquete x-data-spreadsheet son vulnerables a un ataque de tipo Cross-site Scripting (XSS) debido a una falta de saneo de los valores insertados en las celdas • https://github.com/myliang/x-spreadsheet/issues/580 https://security.snyk.io/vuln/SNYK-JS-XDATASPREADSHEET-2430381 https://youtu.be/Ij-8VVKNh7U • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •