CVE-2017-1000508
The CVE-2017-1000508 entry concerns InvoicePlane 1.5.4 and earlier, with a Cross‑Site Scripting (XSS) vulnerability in the Client's details field that can lead to JavaScript execution. Affected component is the web interface handling client details; root cause is unescaped input in the client det...