Vulnerability Found #1904

Closed
opened 2020-04-15 20:35:12 +00:00 by atcazzual · 3 comments
atcazzual commented 2020-04-15 20:35:12 +00:00 (Migrated from github.com)

I would like to report a vulnerability in SheetJS.

I've sent an email to sheetjs@gmail.com with the details and an attached Proof of Concept (PoC).

I would like to report a vulnerability in SheetJS. I've sent an email to sheetjs@gmail.com with the details and an attached Proof of Concept (PoC).
SheetJSDev commented 2020-04-15 21:42:05 +00:00 (Migrated from github.com)

Thanks for reporting! Sent a reply.

Thanks for reporting! Sent a reply.
lmshaffe commented 2020-04-28 15:08:55 +00:00 (Migrated from github.com)

This vulnerability popped up in Veracode for us and had a reference link to this issue. Just curious if there is a plan to work on this. I also don't know hot to test to see if our application is actually affected by this.

This vulnerability popped up in Veracode for us and had a reference link to this issue. Just curious if there is a plan to work on this. I also don't know hot to test to see if our application is actually affected by this.
huntr-helper commented 2020-08-21 11:31:59 +00:00 (Migrated from github.com)

‎‍🛠️ A fix has been provided for this issue. Please reference: https://github.com/418sec/sheetjs/pull/1

🔥 This fix has been provided through the https://huntr.dev/ bug bounty platform.

‎‍🛠️ A fix has been provided for this issue. Please reference: https://github.com/418sec/sheetjs/pull/1 🔥 This fix has been provided through the https://huntr.dev/ bug bounty platform.
Sign in to join this conversation.
No Milestone
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: sheetjs/sheetjs#1904
No description provided.