CVE-2026-24743 | InvoicePlane 1.7.0 cross site scripting (GHSA-485m-4725-2428)

A vulnerability labeled as problematic has been found in InvoicePlane 1.7.0. Affected by this vulnerability is an unknown functionality. Executing a manipulation can lead to cross site scripting.

This vulnerability is registered as CVE-2026-24743. It is possible to launch the attack remotely. No exploit is available.

Applying a patch is advised to resolve this issue.VulDB Recent EntriesRead More