InvoicePlane

v1.6.5 Security

This release includes 2 security fixes for security teams reviewing exposed deployments.

Published 3mo Productivity & Wikis

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

This release patches 2 known CVEs

Topics

billing codeigniter crm invoiceplane invoices invoicing

+1 more

php

Summary

AI summary

PHP 8.1 compatibility release with same security improvements as v1.7.1 including XSS fixes and SVG upload restrictions for legacy PHP version support.

Breaking Changes

SVG logo uploads now disabled

Security Fixes

XSS vulnerabilities fixed through sanitization
SVG upload restriction to prevent XSS

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track InvoicePlane

Get notified when new releases ship.

About InvoicePlane

A self-hosted open source application for managing your invoices, clients and payments.

All releases →

Related context

Related tools

Beta — feedback welcome: [email protected]