CVE-2017-1000238
InvoicePlane 1.4.10 is vulnerable to an Arbitrary File Upload, allowing an authenticated user to upload a malicious file to the webserver and potentially compromise it. The issue is documented across multiple sources (NVD and vendor advisories) with a high impact (CVE-2017-1000238) and a CVSS v3 ...