[MEDIUM] PhpSpreadsheet has a Cross-Site Scripting (XSS) vulnerability of the hyperlink base in the HTML page header

PKSA-nm34-xhtz-ww9p CVE-2024-56411 GHSA-hwcp-2h35-p66w

Affected package: phpoffice/phpspreadsheet

Affected version: >=2.2.0,<=2.3.4|>=2.0.0,<=2.1.5|<=1.29.6|>=3.0.0,<3.7.0

Reported by:
GitHub