20Oca
CVE-2025-22131 | PHPOffice PhpSpreadsheet up to 1.29.7/2.1.6/2.3.5 generateNavigation cross site scripting
A vulnerability was found in PHPOffice PhpSpreadsheet up to 1.29.7/2.1.6/2.3.5. It has been classified as problematic. This affects the functiongenerateNavigation
. The manipulation leads to cross site scripting.
This vulnerability is uniquely identified as CVE-2025-22131. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.