Unknown · Invoice Ninja · CVE-2025-0474
**Name of the Vulnerable Software and Affected Versions**
Invoice Ninja versions 5.8.56 through 5.11.23
**Description**
Invoice Ninja is vulnerable to authenticated Server-Side Request Forgery (SSRF). An authenticated attacker can read arbitrary files and make requests to network resources as the application user.
**Recommendations**
For versions 5.8.56 through 5.11.23, as a temporary workaround, consider restricting access to sensitive files and network resources to minimize the risk of exploitation. The available information does not specify a fixed version or patch, so at the moment no newer version is known to contain a fix for this vulnerability.