CVE-2026-26378
EUVD-2026-3416903.06.2026, 19:16
Cross Site Scripting vulnerability in Koha 25.11 and before allows a remote attacker to execute arbitrary code via file upload function in Invoice features
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| koha | koha | 𝑥 ≤ 25.11.00 |
𝑥
= Vulnerable software versions