CVE-2018-19277
Published
CVSS v3
8.8
HIGH
CVSS v2
6.8
MEDIUM
Affected
2
PROJECTS
Description
securityScan() in PHPOffice PhpSpreadsheet through 1.5.0 allows a bypass of protection mechanisms for XXE via UTF-7 encoding in a .xlsx file
This Symfony bundle integrates PhpSpreadsheet into Symfony using Twig.
GitHub