Vulnerabilidades en kivitendo

1 resultado

CVE-2025-66370MEDIUMKivitendo before 3.9.2 allows XXE injection. By uploading an electronic invoice in the ZUGFeRD format, it is possible to read and exfiltrateEPSS 0.3%