GHSA-j9m8-fw2w-frcqMediumCVSS 5.4

Cross Site Scripting vulnerability in Koha 25.11 and before allows a remote attacker to execute...

Published
June 3, 2026
Last Modified
June 4, 2026

🔗 CVE IDs covered (1)

📋 Description

Cross Site Scripting vulnerability in Koha 25.11 and before allows a remote attacker to execute arbitrary code via file upload function in Invoice features

🔗 References (5)