[MEDIUM] PhpSpreadsheet HTML writer is vulnerable to Cross-Site Scripting via JavaScript hyperlinks

PKSA-p1pj-q951-6f1x CVE-2024-45292 GHSA-r8w8-74ww-j4wh

Affected package: phpoffice/phpspreadsheet

Affected version: >=2.0.0,<2.1.1|<1.29.2|>=2.2.0,<2.3.0

Reported by:
GitHub