{"vulnerability": "CVE-2025-22131", "sightings": [{"uuid": "4ff88d90-8812-44fc-84e4-687fff29b0e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2025-22131", "type": "seen", "source": "https://bsky.app/profile/0xdf.bsky.social/post/3mfwii6uox72k", "content": "", "creation_timestamp": "2026-02-28T15:00:13.777697Z"}, {"uuid": "2058a618-b354-4f8f-8b60-d8f5d71dba10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2025-22131", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mfxoxwyp2j2p", "content": "", "creation_timestamp": "2026-03-01T02:29:07.749243Z"}, {"uuid": "39b5661d-baea-4b7a-b730-c28e2dafd2d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22131", "type": "published-proof-of-concept", "source": "Telegram/ubPNL18fq38V-85eNQiBmYAz7q_Pl82W275HnublzuemSJo", "content": "", "creation_timestamp": "2025-09-05T09:00:05.000000Z"}, {"uuid": "2e747673-ab63-467f-9283-ff346b8e7288", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22131", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/50135", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aPoC for CVE-2025-22131\nURL\uff1ahttps://github.com/ZzN1NJ4/CVE-2025-22131-PoC\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-09-03T15:24:22.000000Z"}, {"uuid": "9169bc8d-01b5-4551-a286-5cda48309a86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22131", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113861423899231681", "content": "", "creation_timestamp": "2025-01-20T15:37:30.140399Z"}, {"uuid": "ad68e0e3-4576-4367-8bab-c436f9bd850d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22131", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lg6qdipp5w2p", "content": "", "creation_timestamp": "2025-01-20T16:15:51.193233Z"}, {"uuid": "1665ce78-73d1-4831-a4e9-eb155b0bb3f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22131", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lg6sig4x2o2g", "content": "", "creation_timestamp": "2025-01-20T16:54:23.941215Z"}, {"uuid": "7a0878b7-18d2-4286-b4ac-fbe8eaaf9a85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22131", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3ly4knrdshf2a", "content": "", "creation_timestamp": "2025-09-05T21:02:24.908473Z"}, {"uuid": "090f1a24-e248-4e7c-a502-b10d1f5bee3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22131", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2368", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22131\n\ud83d\udd39 Description: PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. Cross-Site Scripting (XSS) vulnerability in the code which translates the XLSX file into a HTML representation and displays it in the response.\n\ud83d\udccf Published: 2025-01-20T15:31:19.693Z\n\ud83d\udccf Modified: 2025-01-20T15:31:19.693Z\n\ud83d\udd17 References:\n1. https://github.com/PHPOffice/PhpSpreadsheet/security/advisories/GHSA-79xx-vf93-p7cx\n2. https://github.com/PHPOffice/PhpSpreadsheet/commit/4088381ccfaf241d7d42c333de0dc8c98e338743", "creation_timestamp": "2025-01-20T16:01:49.000000Z"}, {"uuid": "10b685b9-755f-4ddb-b132-cce0ac004d94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22131", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/50334", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aPOC for the vuln CVE-2025-22131\nURL\uff1ahttps://github.com/s0ck37/CVE-2025-22131-POC\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-09-05T06:05:49.000000Z"}, {"uuid": "13e09b49-6624-4394-b2b4-eb7c959cf18a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22131", "type": "published-proof-of-concept", "source": "Telegram/7VaWiDiZCdClD5jKnwGdCFY3BMT4SvcYbJTGW3v_R4In6yE", "content": "", "creation_timestamp": "2025-09-03T21:00:04.000000Z"}, {"uuid": "dc943411-560b-4712-a761-b24d7c0c1444", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22131", "type": "seen", "source": "https://t.me/cvedetector/15898", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22131 - PhpSpreadsheet XSS\", \n  \"Content\": \"CVE ID : CVE-2025-22131 \nPublished : Jan. 20, 2025, 4:15 p.m. | 43\u00a0minutes ago \nDescription : PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. Cross-Site Scripting (XSS) vulnerability in the code which translates the XLSX file into a HTML representation and displays it in the response. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-20T18:23:24.000000Z"}]}