Find real vulnerabilities before they ship
Vulnerability Database › packagist › CVE-2018-19277
securityScan() in PHPOffice PhpSpreadsheet through 1.5.0 allows a bypass of protection mechanisms for XXE via UTF-7 encoding in a .xlsx file
Base Score