Security Advisory

CVE-2025-55580

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-08-29 00:00:00

Last updated 2025-09-02 17:53:14

Assigner mitre

State PUBLISHED

Description

SolidInvoice version 2.3.7 is vulnerable to a stored cross-site scripting (XSS) issue in the Clients module. An authenticated attacker can inject JavaScript that executes in other users browsers when the Clients page is viewed. The vulnerability is fixed in version 2.3.8.

← Browse all CVEs View on cve.org ↗