Invoice Ninja has Stored XSS via Markdown HTML Injection in Product Notes

Invoice Ninja is a source-available invoice, quote, project and time-tracking app built with Laravel. Product notes fields in Invoice Ninja v5.13.0 allow raw HTML via Markdown rendering, enabling stored XSS. The Markdown parser output was not sanitized with `purify::clean()` before being included in invoice templates. This is fixed in v5.13.4 by the vendor by adding `purify::clean()` to sanitize Markdown output.

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

在Web页面生成时对输入的转义处理不恰当(跨站脚本)

Invoice Ninja 跨站脚本漏洞

Invoice Ninja是Invoice Ninja开源的一个具有发票、报价、项目和时间跟踪功能的应用程序。 Invoice Ninja 5.13.0版本存在跨站脚本漏洞，该漏洞源于产品备注字段通过Markdown渲染允许原始HTML，可能导致存储型跨站脚本攻击。

N/A

N/A