Medium severity6.1OSV Advisory· Published Feb 9, 2018· Updated Jun 17, 2026
CVE-2017-1000508
CVE-2017-1000508
Description
Invoice Plane version 1.5.4 and earlier contains a Cross Site Scripting (XSS) vulnerability in Client's details that can result in execution of javascript code . This vulnerability appears to have been fixed in 1.5.5 and later.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
20.9beta, v1.0.0, v1.0.1, …+ 1 more
- (no CPE)range: 0.9beta, v1.0.0, v1.0.1, …
- (no CPE)range: <=1.5.4
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.