CVE-2025-9168 – SolidInvoice Cross-Site Scripting Vulnerability

August 19, 2025

CVE ID : CVE-2025-9168

Published : Aug. 19, 2025, 9:15 p.m. | 4 hours, 28 minutes ago

Description : A vulnerability was found in SolidInvoice up to 2.4.0. This issue affects some unknown processing of the file /invoice of the component Invoice Creation Module. The manipulation of the argument Client Name results in cross site scripting. The attack may be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 5.1 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-9186 – Firefox Focus for Android URL Spoofing Vulnerability

Next Article CVE-2025-9183 – Firefox Spoofing Address Bar Vulnerability

Stop writing tests: Automate fully with Generative AI

Opsera’s Codeglide.ai lets developers easily turn legacy APIs into MCP servers

Black Duck Security GitHub App, NuGet MCP Server preview, and more – Daily News Digest

10 Ways Node.js Development Boosts AI & Real-Time Data (2025-2026 Edition)

This new Coros watch has 3 weeks of battery life and tracks way more – even fly fishing

5 ways automation can speed up your daily workflow – and implementation is easy

This new C-suite role is more important than ever in the AI era – here’s why

iPhone users may finally be able to send encrypted texts to Android friends with iOS 26

Creating Dynamic Real-Time Features with Laravel Broadcasting

Creating Dynamic Real-Time Features with Laravel Broadcasting

Understanding Tailwind CSS Safelist: Keep Your Dynamic Classes Safe!

Sitecore’s Content SDK: Everything You Need to Know

Why GNOME Replaced Eye of GNOME with Loupe as the Default Image Viewer

Why GNOME Replaced Eye of GNOME with Loupe as the Default Image Viewer

Microsoft admits it broke “Reset this PC” in Windows 11 23H2 KB5063875, Windows 10 KB5063709

How to Fix “EA AntiCheat Has Detected an Incompatible Driver” on Windows 11?

CVE-2025-9168 – SolidInvoice Cross-Site Scripting Vulnerability

Investors beware: AI-powered financial scams swamp social media

PyPI Blocks 1,800 Expired-Domain Emails to Prevent Account Takeovers and Supply Chain Attacks

Cursor AI Code Editor Fixed Flaw Allowing Attackers to Run Commands via Prompt Injection

Safely Modifying AEM Cloud Service UIs With App Builder Extension Points

Ready to ditch Windows? ‘End of 10’ makes converting your PC to Linux easier than ever

Best Free Alternatives to Apple’s Remove Background Quick Action

Critical Commvault RCE Vulnerability Lets Remote Attackers Execute Arbitrary Code

CVE-2025-5746 – WooCommerce Drag and Drop Multiple File Upload Arbitrary File Upload Vulnerability

CVE-2025-6603 – “qCUDA qcow Integer Overflow Vulnerability”

Windows 11 24H2’s Settings now bundles FAQs section to tell you more about your system

CVE-2025-9168 – SolidInvoice Cross-Site Scripting Vulnerability

Related Posts