Unrated severityNVD Advisory· Published Aug 29, 2025· Updated Sep 2, 2025
CVE-2025-55580
CVE-2025-55580
Description
SolidInvoice version 2.3.7 is vulnerable to a stored cross-site scripting (XSS) issue in the Clients module. An authenticated attacker can inject JavaScript that executes in other users' browsers when the Clients page is viewed. The vulnerability is fixed in version 2.3.8.
Affected products
2- SolidInvoice/SolidInvoicedescription
- Range: <=2.3.7
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- solidinvoice.comitre
News mentions
0No linked articles in our index yet.