CVE-2024-56975 | InvoicePlane up to 1.6.11 Upload Controller upload_file unrestricted upload
A vulnerability, which was classified as critical, was found in InvoicePlane up to 1.6.11. This affects the function upload_file of the component Upload Controller. The manipulation leads to unrestricted upload.
This vulnerability is uniquely identified as CVE-2024-56975. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to apply a patch to fix this issue.