CVE-2025-48882 – PHPOffice Math XML External Entity (XXE) Vulnerability

CVE ID : CVE-2025-48882

Published : May 30, 2025, 8:15 p.m. | 1 hour, 44 minutes ago

Description : PHPOffice Math is a library that provides a set of classes to manipulate different formula file formats. Prior to version 0.3.0, loading XML data using the standard `libxml` extension and the `LIBXML_DTDLOAD` flag without additional filtration, leads to XXE. Version 0.3.0 fixes the vulnerability.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…