Vulnerabilities > Invoiceninja > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-24 | CVE-2021-3977 | Unspecified vulnerability in Invoiceninja Invoice Ninja invoiceninja is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | 5.4 |
| 2018-01-03 | CVE-2017-1000466 | Cross-site Scripting vulnerability in Invoiceninja Invoice Ninja 3.8.1 Invoice Ninja version 3.8.1 is vulnerable to stored cross-site scripting vulnerability, within the invoice creation page, which can result in disruption of service and execution of javascript code. | 5.4 |