mirror of
https://github.com/0xMarcio/cve.git
synced 2025-06-01 11:10:36 +00:00
772 B
772 B
CVE-2022-25646
&color=brighgreen)
Description
All versions of package x-data-spreadsheet are vulnerable to Cross-site Scripting (XSS) due to missing sanitization of values inserted into the cells.
POC
Reference
- https://github.com/myliang/x-spreadsheet/issues/580
- https://security.snyk.io/vuln/SNYK-JS-XDATASPREADSHEET-2430381
- https://youtu.be/Ij-8VVKNh7U
Github
No PoCs found on GitHub currently.