Filtered by vendor Kivitendo
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-66370 | 1 Kivitendo | 1 Kivitendo | 2025-11-28 | 5 Medium |
| Kivitendo before 3.9.2 allows XXE injection. By uploading an electronic invoice in the ZUGFeRD format, it is possible to read and exfiltrate files from the server's filesystem. | ||||
Page 1 of 1.