CVE-2024-23525
The Spreadsheet::ParseXLSX package before 0.30 for Perl allows XXE attacks because it neglects to use the no_xxe option of XML::Twig.
More information : http://www.openwall.com/lists/oss-security/2024/01/18/4
The Spreadsheet::ParseXLSX package before 0.30 for Perl allows XXE attacks because it neglects to use the no_xxe option of XML::Twig.
More information : http://www.openwall.com/lists/oss-security/2024/01/18/4