CVE-2026-25595

MEDIUM

InvoicePlane < 1.7.1 - Authenticated Stored Cross-Site Scripting via Invoice Number Field

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2026-25595. PoCs published by XiaomingX, lagathos.

AI-analyzed exploit summary This repository provides a detailed technical analysis of CVE-2026-25595, a stored XSS vulnerability in InvoicePlane 1.7.0. It includes vulnerability details, affected code snippets, proof-of-concept steps, and impact analysis.

Description

InvoicePlane is a self-hosted open source application for managing invoices, clients, and payments. A Stored Cross-Site Scripting (XSS) vulnerability exists in InvoicePlane 1.7.0 via the Invoice Number field. An authenticated administrator can inject malicious JavaScript that executes when any administrator views the affected invoice or visits the dashboard. Version 1.7.1 patches the issue.

Exploits (2)

github WRITEUP 10 stars

by XiaomingX · pythonpoc

https://github.com/XiaomingX/data-cve-poc-py-v1/tree/main/2026/CVE-2026-25595

View Code ZIP pw:eip

This repository provides a detailed technical analysis of CVE-2026-25595, a stored XSS vulnerability in InvoicePlane 1.7.0. It includes vulnerability details, affected code snippets, proof-of-concept steps, and impact analysis.

Classification

Writeup 100%

Attack Type

Xss

Complexity

Trivial

Reliability

Reliable

Target: InvoicePlane 1.7.0

Auth required

Prerequisites: Access to an admin account in InvoicePlane

MITRE ATT&CK

T1059.007 - JavaScript T1189 - Drive-by Compromise

devstral-2 · analyzed Mar 16, 2026 Full analysis →

nomisec WRITEUP

by lagathos · poc

https://github.com/lagathos/CVE-2026-25595

View Code ZIP pw:eip

This repository provides a detailed technical analysis of CVE-2026-25595, a stored XSS vulnerability in InvoicePlane 1.7.0. It includes vulnerable code snippets, proof-of-concept steps, and impact assessment, demonstrating a clear understanding of the vulnerability.

Classification

Writeup 100%

Attack Type

Xss

Complexity

Trivial

Reliability

Reliable

Target: InvoicePlane 1.7.0

Auth required

Prerequisites: Access to an admin account in InvoicePlane

MITRE ATT&CK

T1059.007 - JavaScript T1189 - Drive-by Compromise

devstral-2 · analyzed Mar 16, 2026 Full analysis →

References (2)

Core 2

Core References

Vendor Advisory x_refsource_confirm

https://github.com/InvoicePlane/InvoicePlane/security/advisories/GHSA-xxvr-2564-6jg6

Patch x_refsource_misc

https://github.com/InvoicePlane/InvoicePlane/commit/93622f2df88a860d89bfee56012cabb2942061d6

View Patch ZIP pw:eip

Scores

CVSS v3 4.8

EPSS 0.0021

EPSS Percentile 11.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-79

Status published

Products (1)

invoiceplane/invoiceplane < 1.7.1

Published Feb 18, 2026

Tracked Since Feb 19, 2026