Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/02/20 1:22 a.m.5 views

CVE-2026-24746

InvoicePlane is a self-hosted open source application for managing invoices, clients, and payments. A Stored Cross-Site Scripting XSS vulnerability occurs in the Edit Quotes functions of InvoicePlane version 1.7.0. In the Editing Quotes function, the application does not validate user input at th...

7.5CVSS5.7AI score0.00279EPSS
Exploits1References1
NVD
NVD
added 2026/02/18 9:16 p.m.7 views

CVE-2026-24746

InvoicePlane is a self-hosted open source application for managing invoices, clients, and payments. A Stored Cross-Site Scripting XSS vulnerability occurs in the Edit Quotes functions of InvoicePlane version 1.7.0. In the Editing Quotes function, the application does not validate user input at th...

7.5CVSS0.00279EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/02/18 8:51 p.m.4 views

CVE-2026-24746 InvoicePlane has a Stored Cross-Site Scripting (XSS) issue

InvoicePlane is a self-hosted open source application for managing invoices, clients, and payments. A Stored Cross-Site Scripting XSS vulnerability occurs in the Edit Quotes functions of InvoicePlane version 1.7.0. In the Editing Quotes function, the application does not validate user input at th...

5.7CVSS5.7AI score0.00279EPSS
Exploits1References2
CVE
CVE
added 2026/02/18 8:51 p.m.16 views

CVE-2026-24746

InvoicePlane 1.7.0 contains a Stored Cross‑Site Scripting (XSS) flaw in the Edit Quotes workflow (quote_number input) that is exploitable with administrator privileges. The issue can lead to unauthorized data modification and persistence of malicious scripts, potentially compromising application ...

7.5CVSS5.7AI score0.00279EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/18 12:0 a.m.7 views

PT-2026-20507

Name of the Vulnerable Software and Affected Versions InvoicePlane version 1.7.0 Description InvoicePlane is a self-hosted open source application used for managing invoices, clients, and payments. A Stored Cross-Site Scripting XSS issue exists in the Edit Quotes function. The application does no...

5.7CVSS5.5AI score0.00279EPSS
Exploits1References3
Rows per page
Query Builder