CVE-2017-1000239
InvoicePlane 1.4.10 is affected by a Stored Cross-Site Scripting vulnerability. An authenticated user can inject malicious client-side script that will run in the browsers of other users who visit the manipulated site. This is described across multiple sources (CVE-2017-1000239 and related record...