Exceljs
Monthly
An unescaped payload in exceljs <v1.6 allows a possible XSS via cell value when worksheet is displayed in browser. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
An unescaped payload in exceljs <v1.6 allows a possible XSS via cell value when worksheet is displayed in browser. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.