CVE-2026-46489 | SolidInvoice up to 2.3.16 Company Logo Upload Feature cross site scripting (GHSA-mqwm-r4g8-wf4w)

A vulnerability classified as problematic has been found in SolidInvoice up to 2.3.16. This vulnerability affects unknown code of the component Company Logo Upload Feature. The manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2026-46489. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More