Security Advisory

CVE-2024-56410

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-01-03 17:17:52

Last updated 2025-01-03 20:11:13

Assigner GitHub_M

State PUBLISHED

Description

PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. Versions prior to 3.7.0, 2.3.5, 2.1.6, and 1.29.7 have a cross-site scripting (XSS) vulnerability in custom properties. The HTML page is generated without clearing custom properties. Versions 3.7.0, 2.3.5, 2.1.6, and 1.29.7 contain a patch for the issue.

← Browse all CVEs View on cve.org ↗