CVE-2025-56424
HIGHInsiders Technologies e-invoice pro - Denial of Service via Crafted Script
Title source: llmDescription
An issue in Insiders Technologies GmbH e-invoice pro before release 1 Service Pack 2 allows a remote attacker to cause a denial of service via a crafted script
References (2)
Core 2
Core References
Exploit, Third Party Advisory
https://mind-bytes.de/xml-external-entity-xxe-injection-in-e-invoice-pro-cve-2025-56424/
Scores
CVSS v3
7.5
EPSS
0.0050
EPSS Percentile
38.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-400
Status
published
Products (1)
insiders-technologies/e-invoice_pro
1.0
Published
Jan 08, 2026
Tracked Since
Feb 18, 2026