14Ara
Does Python in Excel have the same Security issues as VBS in Excel?
Microsoft Excel supports Python scripts (source).
VBScript Macros within Excel are known to be a security risk (source). If I read this emotet article right, then VBScript macros allow arbitrary code execution.
Do the included Python scripts have the same security issues as Excel VBScript Macros? Are the Python scripts sandboxed / restricted in any way?
I don't have Microsoft Excel myself, hence I cannot simply try. I'd be especially curious if external requests (urllib3) or system execution (sys.exec) are possible.
It seems that a few external libraries can be used. But the set seems to closed, e.g. not arbitrary software can be used. As beautifulsoup4 is in that list, I would guess that external requests can be made.
