VYPR
Medium severity6.1OSV Advisory· Published Feb 9, 2018· Updated Jun 17, 2026

CVE-2017-1000508

CVE-2017-1000508

Description

Invoice Plane version 1.5.4 and earlier contains a Cross Site Scripting (XSS) vulnerability in Client's details that can result in execution of javascript code . This vulnerability appears to have been fixed in 1.5.5 and later.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • 0.9beta, v1.0.0, v1.0.1, …+ 1 more
    • (no CPE)range: 0.9beta, v1.0.0, v1.0.1, …
    • (no CPE)range: <=1.5.4

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.