CVE-2019-12331
N/A
N/A
Summary
PHPOffice PhpSpreadsheet before 1.8.0 has an XXE issue. The XmlScanner decodes the sheet1.xml from an .xlsx to utf-8 if something else than UTF-8 is declared in the header. This was a security measurement to prevent CVE-2018-19277 but the fix is not sufficient. By double-encoding the the xml payload to utf-7 it is possible to bypass the check for the string ‚<!ENTITY‘ and thus allowing for an xml external entity processing (XXE) attack.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://github.com/PHPOffice/PhpSpreadsheet/blob/master/CHANGELOG.md#180—2019-07-01
- https://herolab.usd.de/security-advisories/usd-2019-0046/
References
- https://github.com/PHPOffice/PhpSpreadsheet/blob/master/CHANGELOG.md#180—2019-07-01
- https://herolab.usd.de/security-advisories/usd-2019-0046/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.