A criticalServer-Side Request Forgery (SSRF)vulnerability has been discovered in the popular PhpSpreadsheet library, allowing attackers to inject malicious HTML input when processing spreadsheet documents. The vulnerability, assignedCVE-2025-54370, affects multiple versions of the phpoffice/phpspreadsheet package and carries ahigh severity ratingwith CVSS v3.1 score of7.5and CVSS v4.0 score of8.7. Vulnerability Details The security flaw was discovered by Aleksey […] The post PhpSpreadsheet Library Vulnerability Lets Attackers Inject Malicious HTML Input appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/phpspreadsheet-library-vulnerability/
