mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-06 02:31:38 +00:00
676 B
676 B
CVE-2017-5992
Description
Openpyxl 2.4.1 resolves external entities by default, which allows remote attackers to conduct XXE attacks via a crafted .xlsx document.
POC
Reference
- https://bitbucket.org/openpyxl/openpyxl/commits/3b4905f428e1
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854442
Github
No PoCs found on GitHub currently.