VYPR
Medium severity6.1OSV Advisory· Published Mar 5, 2018· Updated Jun 17, 2026

CVE-2017-18217

CVE-2017-18217

Description

An issue was discovered in InvoicePlane before 1.5.5. It was observed that the Email address and Web address parameters are vulnerable to Cross Site Scripting, related to application/modules/clients/views/view.php, application/modules/invoices/views/view.php, and application/modules/quotes/views/view.php.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • 0.9beta, v1.0.0, v1.0.1, …+ 1 more
    • (no CPE)range: 0.9beta, v1.0.0, v1.0.1, …
    • (no CPE)range: <1.5.5

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.