Please report security issues to mail@invoiceplane.com
Security: InvoicePlane/InvoicePlane
Security
SECURITY.md
-
Stored Cross-Site Scripting (XSS) in Sumex Invoice ViewGHSA-ccpx-2v5c-cc24 published
Feb 16, 2026 by nielsdrost7Moderate -
Stored Cross-Site Scripting in Identifier FormattingGHSA-432m-jv69-qp5j published
Feb 16, 2026 by nielsdrost7Moderate -
Stored XSS via Product Unit Name in Invoice Item ListGHSA-3wjq-822q-98f4 published
Feb 16, 2026 by nielsdrost7Moderate -
Stored XSS via Invoice Number in Invoice View and DashboardGHSA-xxvr-2564-6jg6 published
Feb 16, 2026 by nielsdrost7Moderate -
Stored XSS via Family Name in Product FormGHSA-wrr7-2f27-8h94 published
Feb 16, 2026 by nielsdrost7Moderate -
Multiple Stored Cross-Site Scripting (XSS) Vulnerabilities in Admin PanelGHSA-w2wc-6mf4-99x8 published
Feb 16, 2026 by nielsdrost7Moderate -
Remote Code Execution via Local File Inclusion and Log PoisoningGHSA-g6rw-m9mf-33ch published
Feb 16, 2026 by nielsdrost7Critical -
Stored Cross-Site Scripting (XSS) in InvoicePlane version 1.7.0GHSA-485m-4725-2428 published
Feb 16, 2026 by nielsdrost7Moderate -
Stored Cross-Site Scripting (XSS) in InvoicePlane version 1.7.0GHSA-r9rq-f946-6x54 published
Feb 16, 2026 by nielsdrost7Moderate -
Stored Cross-Site Scripting (XSS) in InvoicePlane version 1.7.0GHSA-5mxx-553h-m62w published
Feb 16, 2026 by nielsdrost7Moderate
Learn more about advisories related to InvoicePlane/InvoicePlane in the GitHub Advisory Database