xml2xlsx@1.0.0 vulnerabilities
XML to XLSX converter
-
latest version
1.0.2
-
first published
9 years ago
-
latest version published
2 months ago
-
licenses detected
- [0,)
Direct Vulnerabilities
Known vulnerabilities in the xml2xlsx package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.| Vulnerability | Vulnerable Version |
|---|---|
Affected versions of this package are vulnerable to XML External Entity (XXE) Injection via 'xml2xlsx()' function, due to improper input sanitisation. An attacker is able to read local files by defining an external entity. How to fix XML External Entity (XXE) Injection? There is no fixed version for |
[0,)
|