While working with OOXML file for spreadsheet, there is a possibility of XML Entity Expansion (XEE) attack that allows remote attackers to cause a denial of service (CPU consumption) via a specially crafted OOXML file. The issue was initially reported by Xiaolong Zhu and Huijun Chen from Huawei Technologies Co., Ltd.
Our question is: Has Aspose.Cells already handled this vulnerability? If not, are there any plans to handle this?
PS: I don’t have any such file to share with you, but I am sure your developers will have an idea about this. Apache POI has already handled this https://poi.apache.org/ .