CVE-2026-26281 | InvoicePlane 1.7.0 cross site scripting (GHSA-ccpx-2v5c-cc24)

February 19, 2026 Yanac

A vulnerability was found in InvoicePlane 1.7.0. It has been classified as problematic. This impacts an unknown function. This manipulation causes cross site scripting.

The identification of this vulnerability is CVE-2026-26281. It is possible to initiate the attack remotely. There is no exploit available.

It is suggested to install a patch to address this issue.VulDB Recent EntriesRead More