CVE-2026-14791
CVE-2026-14791 affects crater-invoice-inc crater up to 6.0.6. The vulnerability exists in the function getFormattedString of app/Http/Requests/InvoicesRequest.php within the Invoice Note Handler . Manipulating the argument notes may lead to cross-site scripting (XSS) . The attack can be launched ...