Vulnerabilities > Invoiceplane

DATE CVE VULNERABILITY TITLE RISK
2017-11-17 CVE-2017-1000238 Unrestricted Upload of File with Dangerous Type vulnerability in Invoiceplane 1.4.10
InvoicePlane version 1.4.10 is vulnerable to a Arbitrary File Upload resulting in an authenticated user can upload a malicious file to the webserver.
network
low complexity
invoiceplane CWE-434
8.8