Aggregates CVE and security vulnerability intelligence across all independentsoft-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk xxe and related security problems, affecting vendor surface production workloads and vendor surface software deployment scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-28150 | An issue was discovered in Independentsoft JODF before 1.1.110. The API is prone to XML external entity (XXE) injection via a remote DTD in a DOCX file. | [email protected] | 5.3 | 0.35% | 2023-03-24 | 2025-05-30 |
| CVE-2023-28151 | An issue was discovered in Independentsoft JSpreadsheet before 1.1.110. The API is prone to XML external entity (XXE) injection via a remote DTD in a DOCX file. | [email protected] | 5.3 | 0.35% | 2023-03-24 | 2025-05-30 |
| CVE-2023-28152 | An issue was discovered in Independentsoft JWord before 1.1.110. The API is prone to XML external entity (XXE) injection via a remote DTD in a DOCX file. | [email protected] | 5.3 | 0.35% | 2023-03-24 | 2025-05-30 |