PT-2026-20490 · Unknown · Invoiceplane

Lukasz-Rybak · Published 2026-02-18 · Updated 2026-02-20 · CVE-2026-23491

CVSS v4.0: 9.3 (Critical)
Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H
Name of the Vulnerable Software and Affected Versions: InvoicePlane versions through 1.6.3

Description: InvoicePlane is a self-hosted open source application for managing invoices, clients, and payments. A path traversal issue exists in the get file method of the Guest module's Get controller. This allows unauthenticated attackers to read arbitrary files on the server by manipulating the input filename, which can lead to the disclosure of sensitive information, including configuration files with database credentials. The vulnerable method is get file within the Guest module's Get controller; the vulnerable parameter is the input filename.

Recommendations: Update InvoicePlane to version 1.6.4 or later.
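The mitigation side of the issue, as an added example that is not InvoicePlane's code: a file-serving resolver that confines a user-supplied filename to one directory and refuses anything that would escape it, including directory components, NUL bytes and symlinks that point outside. The `resolve_guest_file` and `demo` helpers, the directory layout and the file names are constructed for this illustration.

```python
import os
import tempfile
from pathlib import Path


class UnsafeFilename(ValueError):
    """Raised when a requested filename would escape the served directory."""


def resolve_guest_file(base_dir, filename):
    """Map a user-supplied filename to a file inside base_dir, or refuse.

    Reject empty names and NUL bytes; drop every directory component so
    separators and '..' cannot leave base_dir; resolve symlinks and confirm
    the final path is still inside the resolved base directory.
    """
    if not filename or "\x00" in filename:
        raise UnsafeFilename("empty or NUL-containing filename")
    # A download endpoint should serve files by bare name from one directory.
    name = os.path.basename(filename.replace("\\", "/"))
    if name in ("", ".", ".."):
        raise UnsafeFilename(f"rejected filename {filename!r}")
    base = Path(base_dir).resolve()
    target = (base / name).resolve()
    if base not in target.parents:  # a symlink inside base could still escape
        raise UnsafeFilename(f"{filename!r} resolves outside {base}")
    if not target.is_file():
        raise FileNotFoundError(name)
    return target


def demo():
    """Build a constructed directory layout and exercise the resolver."""
    with tempfile.TemporaryDirectory() as tmp:
        uploads = Path(tmp) / "uploads"
        uploads.mkdir()
        (uploads / "invoice-1.pdf").write_bytes(b"%PDF-1.4 constructed sample\n")
        secret = Path(tmp) / "config.php"  # constructed stand-in, outside uploads
        secret.write_text("<?php // constructed, must never be served\n")
        try:
            os.symlink(secret, uploads / "link.pdf")  # link escaping the base dir
        except OSError:
            pass  # platforms without symlink support simply skip that case
        results = {}
        for requested in ("invoice-1.pdf", "../config.php", "..\\config.php",
                          "/etc/config.php", "invoice-1.pdf\x00.txt", "link.pdf"):
            try:
                results[requested] = "served:" + resolve_guest_file(uploads, requested).name
            except UnsafeFilename:
                results[requested] = "rejected"
            except FileNotFoundError:
                results[requested] = "not-found"
        return results
```

Traversal inputs are neutralised rather than merely logged: after `basename` they can only name files inside the served directory, so a request for a file outside it ends as not-found, and a symlink that points outside is refused by the containment check.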

Weakness Enumeration: Path traversal

Related Identifiers

CVE-2026-23491
GHSA-88GQ-MV54-V3FC

Affected Products

Invoiceplane