CVE-2026-24745 | InvoicePlane 1.7.0 Logo cross site scripting (GHSA-r9rq-f946-6×54)

A vulnerability described as problematic has been identified in InvoicePlane 1.7.0. This affects the function Logo. The manipulation results in cross site scripting.

This vulnerability is reported as CVE-2026-24745. The attack can be launched remotely. No exploit exists.

A patch should be applied to remediate this issue.VulDB Recent EntriesRead More