Stored Cross-Site Scripting Vulnerability in Invoice Ninja by Invoice Ninja
CVE-2017-1000466
5.4MEDIUM
What is CVE-2017-1000466?
The Invoice Ninja application, specifically version 3.8.1, is susceptible to a stored cross-site scripting vulnerability. This flaw resides in the invoice creation page, which, if exploited, could allow an attacker to inject and execute malicious JavaScript code. This vulnerability poses a significant risk of service disruption and can potentially lead to unauthorized actions within the affected application.
