aschwarz/prognose_kehl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Änderungen https Andy Müller rückgängig gemacht

Browse Source
This commit is contained in:
aschwarz
2023-04-26 14:01:34 +02:00
parent dd253ca7e9
commit 1d0d52f302
355 changed files with 1004 additions and 1004 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
PHPExcel/Documentation/markdown/ReadingSpreadsheetFiles/02-Security.md
View File

@ -3,7 +3,7 @@
## Security
XML-based formats such as OfficeOpen XML, Excel2003 XML, OASIS and Gnumeric are susceptible to XML External Entity Processing (XXE) injection attacks (for an explanation of XXE injection see http://websec.io/2012/08/27/Preventing-XEE-in-PHP.html) when reading spreadsheet files. This can lead to:
XML-based formats such as OfficeOpen XML, Excel2003 XML, OASIS and Gnumeric are susceptible to XML External Entity Processing (XXE) injection attacks (for an explanation of XXE injection see https://websec.io/2012/08/27/Preventing-XEE-in-PHP.html) when reading spreadsheet files. This can lead to:
- Disclosure whether a file is existent
- Server Side Request Forgery