Skip to main content
Loading…
    CVE-2025-66370 — Kivitendo before 3.9.2 allows XXE injection. By uploading an electronic invoice in the ZUGFeRD format, it is possible to read and exfiltrate files from the server's filesystem. — CVE Database · The Intelligence Room