Vulnerability in Fossbilling
CVE-2026-43928
FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, the PayPalEmail payment adapter accepts PayPal IPN callbacks and credits the IPN-supplied amount (`mc_gross`) to the client's balance without…
Affected products
- Fossbilling — versions < 0.8.0
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM)