CNNVD-202512-2899 Information

CNNVD ID

CNNVD-202512-2899

Related CVE

CVE-2025-64012

• CNNVD Published: 2025-12-16

Description (Chinese)

InvoicePlane是InvoicePlane开源的一个应用软件。提供一个自托管的开源应用程序，用于管理您的报价，发票，客户和付款。 InvoicePlane存在安全漏洞，该漏洞源于访问控制不当，可能导致发票数据泄露。

Description (English)

InvoicePlane is an open-source application for Invoice Plane. Provides an open source application for managing your offers, invoices, customers and payments. There was a security loophole in Invoice Plane, which stemmed from inadequate access controls that could lead to the disclosure of invoiced data.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-12-16

Last Modified

2026-02-24

References

https://gist.github.com/tarekramm/797073e9ae991211ff2ae71ed1190c7d https://github.com/InvoicePlane/InvoicePlane/commit/debb446ceaa84efc136987fc1e21b268f34e47b0