xml2xlsx@1.0.1 vulnerabilities

XML to XLSX converter

Direct Vulnerabilities

Known vulnerabilities in the xml2xlsx package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • H
XML External Entity (XXE) Injection

Affected versions of this package are vulnerable to XML External Entity (XXE) Injection via 'xml2xlsx()' function, due to improper input sanitisation. An attacker is able to read local files by defining an external entity.

How to fix XML External Entity (XXE) Injection?

There is no fixed version for xml2xlsx.

[0,)