CVE-2025-22131 | PHPOffice PhpSpreadsheet up to 1.29.7/2.1.6/2.3.5 generateNavigation cross site scripting

Inserito da Angelo Barbosa | Gen 20, 2025 | CVE

A vulnerability was found in PHPOffice PhpSpreadsheet up to 1.29.7/2.1.6/2.3.5. It has been classified as problematic. This affects the function generateNavigation. The manipulation leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2025-22131. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

It is recommended to upgrade the affected component.

CVE-2025-22131 | PHPOffice PhpSpreadsheet up to 1.29.7/2.1.6/2.3.5 generateNavigation cross site scripting

Post correlati

CVE-2024-2467 | Crypt-OpenSSL-RSA 1.5 on Perl PKCS#1 Padding Marvin Attack timing discrepancy

CVE-2024-10658 | Tongda OA up to 11.10 check_seal.php ID sql injection

CVE-2024-56002 | Porthas Contact Form, Survey & Form Builder Plugin up to 1.3.9 on WordPress authorization

CVE-2023-6902 | codelyfe Stupid Simple CMS up to 1.2.4 /file-manager/upload.php file unrestricted upload