CVE-2025-48882 – PHPOffice Math XML External Entity (XXE) Vulnerability

May 30, 2025

CVE ID : CVE-2025-48882

Published : May 30, 2025, 8:15 p.m. | 1 hour, 25 minutes ago

Description : PHPOffice Math is a library that provides a set of classes to manipulate different formula file formats. Prior to version 0.3.0, loading XML data using the standard `libxml` extension and the `LIBXML_DTDLOAD` flag without additional filtration, leads to XXE. Version 0.3.0 fixes the vulnerability.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-48946 – Liboqs HQC Algorithmic Design Flaw Vulnerability

Next Article CVE-2025-48874 – Apache HTTP Server Insecure Deserialization

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

Players aren’t buying Call of Duty’s “error” excuse for the ads Activision started forcing into the game’s menus recently

In Sam Altman’s world, the perfect AI would be “a very tiny model with superhuman reasoning capabilities” for any context

Sam Altman’s ouster from OpenAI was so dramatic that it’s apparently becoming a movie — Will we finally get the full story?

One of Microsoft’s biggest hardware partners joins its “bold strategy, Cotton” moment over upgrading to Windows 11, suggesting everyone just buys a Copilot+ PC

LatAm’s First Databricks Champion at Perficient

LatAm’s First Databricks Champion at Perficient

Beyond AEM: How Adobe Sensei Powers the Full Enterprise Experience

Simplify Negative Relation Queries with Laravel’s whereDoesntHaveRelation Methods

Players aren’t buying Call of Duty’s “error” excuse for the ads Activision started forcing into the game’s menus recently

Players aren’t buying Call of Duty’s “error” excuse for the ads Activision started forcing into the game’s menus recently

In Sam Altman’s world, the perfect AI would be “a very tiny model with superhuman reasoning capabilities” for any context

Sam Altman’s ouster from OpenAI was so dramatic that it’s apparently becoming a movie — Will we finally get the full story?

CVE-2025-48882 – PHPOffice Math XML External Entity (XXE) Vulnerability

HPE StoreOnce Faces Critical CVE-2025-37093 Vulnerability — Urges Immediate Patch Upgrade

35,000 Solar Power Systems Exposed To Internet Are Vulnerable To Cyberattacks

CVE-2025-2892 – WordPress All in One SEO Plugin Stored Cross-Site Scripting Vulnerability

Buy, Sell Ford raptor | Dealers | Used ford ranger vans for sale in Nottingham, Derby & Leicester

CVE-2025-4430 – EZD RP File Manipulation Remote Code Execution

CVE-2025-49069 – Cimatti Consulting Contact Forms CSRF

Announcing MongoDB Server 8.0 Platform Support Improvements

AWS empowers sales teams using generative AI solution built on Amazon Bedrock

Bolt.new: Web Creation at the Speed of Thought

CVE-2025-2851 – GL.iNet RPC Handler Buffer Overflow

CVE-2025-48882 – PHPOffice Math XML External Entity (XXE) Vulnerability

Related Posts