CVE-2025-22131 PoC — PhpSpreadsheet 跨站脚本漏洞

Source

https://github.com/s0ck37/CVE-2025-22131-POC

Associated Vulnerability

Title:PhpSpreadsheet 跨站脚本漏洞 (CVE-2025-22131)
Description:PhpSpreadsheet是PHPOffice开源的一款用于读取和写入电子表格文件的PHP库。 PhpSpreadsheet存在跨站脚本漏洞.攻击者利用该漏洞可以执行跨站点脚本攻击。

Description

POC for the vuln CVE-2025-22131

Readme

# CVE-2025-22131 POC
## CVE-2025-22131 XSS Exploit by s0ck37

![title](out.png)

Reference: https://sploitus.com/exploit?id=152DAC32-8330-54D6-A916-7FC36EAA38B7

File Snapshot


 [4.0K]  /data/pocs/cea9297438ef0c5473fe48c850d6c815f0b05aef
├── [1.0K]  generate.py
├── [127K]  out.png
├── [ 161]  README.md
└── [6.5K]  sample.xlsx

0 directories, 4 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!