EPSS
Percentile
70.4%
phpoffice/common is vulnerable to XML external entity (XXE) attacks. The vulnerability exists due to the insecure defaults where external entities were allowed, making XXE attacks possible.
github.com/PHPOffice/Common/commit/522e3fdde3cc658e89aace9317643b39009ab4af
github.com/PHPOffice/Common/pull/23
github.com/PHPOffice/Common/releases/tag/0.2.9
github.com/PHPOffice/PHPWord/issues/1421