National Cyber Warfare Foundation (NCWF)

PhpSpreadsheet Library Vulnerability Lets Attackers Inject Malicious HTML Input
0 user ratings		2025-08-26 11:15:41
milo
Red Team (CNA)

A critical Server-Side Request Forgery (SSRF) vulnerability has been discovered in the popular PhpSpreadsheet library, allowing attackers to inject malicious HTML input when processing spreadsheet documents. The vulnerability, assigned CVE-2025-54370, affects multiple versions of the phpoffice/phpspreadsheet package and carries a high severity rating with CVSS v3.1 score of 7.5 and CVSS v4.0 score of 8.7. Vulnerability Details The security flaw was discovered by Aleksey […]


The post PhpSpreadsheet Library Vulnerability Lets Attackers Inject Malicious HTML Input appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.



Divya

Source: gbHackers
Source Link: https://gbhackers.com/phpspreadsheet-library-vulnerability/

Comments
new comment
Nobody has commented yet. Will you be the first?
  
Forum
Red Team (CNA)


Copyright 2012 through 2025 - National Cyber Warfare Foundation - All rights reserved worldwide.