CVE-2026-46622
SolidInvoice · SolidInvoice
SolidInvoice stores API tokens in plaintext within the database, risking full credential compromise if the database is exposed or accessed by an unauthorized party.
Executive summary
A critical plaintext credential storage vulnerability in SolidInvoice exposes all REST API tokens to potential theft, facilitating full system compromise.
Vulnerability
API tokens are stored as plaintext strings in the api_tokens database table. Anyone who can read that table (via SQL injection, a leaked backup, or insider access) can retrieve the tokens and use them to impersonate users and gain full unauthorized access to the application.
Business impact
With a CVSS score of 8.1, this vulnerability poses a significant risk to the confidentiality and integrity of the invoicing platform. Successful exploitation allows for complete unauthorized access to API-connected services, potentially leading to the theft of financial data, customer records, and unauthorized manipulation of invoicing workflows.
Remediation
Immediate Action: Upgrade to version 2.3.17 or later, which addresses the insecure storage mechanism.
Proactive Monitoring: Audit database access logs for unusual queries targeting the api_tokens table and monitor API logs for anomalous usage patterns.
Compensating Controls: Ensure strict access controls on database backups and implement database encryption at rest to mitigate the impact of physical or logical data exposure.
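To make the storage weakness and the fix concrete, the following is an added illustration written for this advisory; it is not SolidInvoice's code and makes no claim about how the project implements its api_tokens table. It contrasts a store that persists the token itself with one that persists only a SHA-256 digest, then checks what a reader of the table (a leaked backup, for example) can do with the recovered values. The class and function names, the in-memory dict standing in for the table, and the `revoke_all` rotation helper are all assumptions made for the example.

```python
"""Plaintext vs. hashed API-token storage (illustrative; not SolidInvoice code)."""
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Optional


@dataclass
class TokenRow:
    """One row of a hypothetical api_tokens table."""
    user_id: int
    stored_value: str  # plaintext token (weak) or SHA-256 digest (hardened)


class PlaintextTokenStore:
    """Weak pattern: the secret itself is the database value."""

    def __init__(self) -> None:
        self.rows: dict[str, TokenRow] = {}  # stand-in for the table

    def issue(self, user_id: int) -> str:
        token = secrets.token_urlsafe(32)
        self.rows[token] = TokenRow(user_id, token)
        return token

    def authenticate(self, presented: str) -> Optional[int]:
        row = self.rows.get(presented)
        return row.user_id if row else None

    def dump(self) -> list[str]:
        """What a reader of the table sees, e.g. from a leaked backup."""
        return [row.stored_value for row in self.rows.values()]


class HashedTokenStore:
    """Hardened pattern: only a digest of the secret is persisted."""

    def __init__(self) -> None:
        self.rows: dict[str, TokenRow] = {}  # keyed by digest, not by token

    @staticmethod
    def digest(token: str) -> str:
        # Tokens come from a CSPRNG with 256 bits of entropy, so a plain SHA-256
        # (no salt, no slow KDF) suffices: guessing is infeasible, and an
        # unsalted digest lets the lookup be a direct key match.
        return hashlib.sha256(token.encode()).hexdigest()

    def issue(self, user_id: int) -> str:
        token = secrets.token_urlsafe(32)
        self.rows[self.digest(token)] = TokenRow(user_id, self.digest(token))
        return token  # shown once to the caller; the store never keeps it

    def authenticate(self, presented: str) -> Optional[int]:
        candidate = self.digest(presented)
        row = self.rows.get(candidate)
        if row is None or not hmac.compare_digest(row.stored_value, candidate):
            return None
        return row.user_id

    def revoke_all(self, user_id: int) -> int:
        """Rotation step: drop every token for a user before reissuing."""
        doomed = [k for k, r in self.rows.items() if r.user_id == user_id]
        for k in doomed:
            del self.rows[k]
        return len(doomed)

    def dump(self) -> list[str]:
        return [row.stored_value for row in self.rows.values()]


def exposure_usable(store, dumped_values: list[str]) -> bool:
    """True if any value recovered from the table authenticates as-is."""
    return any(store.authenticate(v) is not None for v in dumped_values)


if __name__ == "__main__":
    weak, hardened = PlaintextTokenStore(), HashedTokenStore()
    weak.issue(1)
    hardened.issue(1)
    print("plaintext dump usable:", exposure_usable(weak, weak.dump()))        # True
    print("hashed dump usable:   ", exposure_usable(hardened, hardened.dump()))  # False
```

The contrast also shows why the compensating controls above are partial: encryption at rest protects backups and stolen disks, but a query path such as SQL injection reads the decrypted column, so only hashing the stored value keeps the token out of that path. The `revoke_all` step is the rotation the analyst recommendation calls for: any token issued before the upgrade must be treated as possibly copied, regardless of how the new version stores it.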
Exploitation status
Public Exploit Available: true
Analyst recommendation
The exposure of API tokens in plaintext is a severe security oversight that provides an immediate path to full account takeover. Administrators must update to version 2.3.17 immediately and rotate all existing API tokens to invalidate any credentials that may have already been compromised.