CVE-2026-26270 | InvoicePlane 1.7.0 Identifier Format cross site scripting (GHSA-432m-jv69-qp5j)

A vulnerability was found in InvoicePlane 1.7.0 and classified as problematic. This affects an unknown function. The manipulation of the argument Identifier Format results in cross site scripting.

This vulnerability was named CVE-2026-26270. The attack may be performed from remote. There is no available exploit.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More