Browse all 3 CVE security advisories affecting invoiceninja. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-33742 | Invoice Ninja has Stored XSS via Markdown HTML Injection in Product Notes — invoiceninjaCWE-79 | 5.4 | Medium | 2026-03-26 |
| CVE-2026-33628 | Invoice Ninja Denylist Bypass may Lead to Stored XSS via Invoice Line Items — invoiceninjaCWE-79 | 5.4 | Medium | 2026-03-26 |
| CVE-2021-3977 | Cross-site Scripting (XSS) - Stored in invoiceninja/invoiceninja — invoiceninja/invoiceninjaCWE-79 | 6.1 | - | 2021-12-24 |
This page lists every published CVE security advisory associated with invoiceninja. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.