[HIGH] PhpSpreadsheet allows unauthorized Reflected XSS in the constructor of the Downloader class

PKSA-bx2k-kfb8-w1zm CVE-2024-56365 GHSA-jmpx-686v-c3wx

Affected package: phpoffice/phpexcel

Affected version: <=1.8.2

Reported by:
GitHub