Vulnerabilities > Invoiceninja

DATE	CVE	VULNERABILITY TITLE	RISK
2021-12-24	CVE-2021-3977	Cross-site Scripting vulnerability in Invoiceninja Invoice Ninja invoiceninja is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') network invoiceninja CWE-79	3.5
2021-06-06	CVE-2021-33898	Deserialization of Untrusted Data vulnerability in Invoiceninja Invoice Ninja In Invoice Ninja before 4.4.0, there is an unsafe call to unserialize() in app/Ninja/Repositories/AccountRepository.php that may allow an attacker to deserialize arbitrary PHP classes. network invoiceninja CWE-502	6.8
2018-01-03	CVE-2017-1000466	Cross-site Scripting vulnerability in Invoiceninja Invoice Ninja 3.8.1 Invoice Ninja version 3.8.1 is vulnerable to stored cross-site scripting vulnerability, within the invoice creation page, which can result in disruption of service and execution of javascript code. network invoiceninja CWE-79	3.5

Vulnerabilities > Invoiceninja {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Invoiceninja"}]}