CVE-2024-47873

Name of the Vulnerable Software and Affected Versions PhpSpreadsheet versions prior to 1.9.4, 2.1.3, 2.3.2, and 3.4.0

Description The XmlScanner class in PhpSpreadsheet has a scan method that is intended to prevent XXE attacks. However, the regexes used in the scan method and the findCharSet method can be bypassed by using UCS-4 and encoding guessing, allowing an attacker to bypass the sanitizer and achieve an XML external entity attack. This issue can be exploited by creating a malicious payload for the workbook.xml file, which can lead to an HTTP request being sent to a specified URL.

Recommendations For versions prior to 1.9.4, update to version 1.9.4 or later. For versions prior to 2.1.3, update to version 2.1.3 or later. For versions prior to 2.3.2, update to version 2.3.2 or later. For versions prior to 3.4.0, update to version 3.4.0 or later.