A vulnerability was found in FOSSBilling up to 0.7.x. It has been rated as problematic. This affects an unknown part of the component IPN Call Handler. The manipulation of the argument mc_gross leads to source code.
This vulnerability is referenced as CVE-2026-43928. Remote exploitation of the attack is possible. No exploit is available.