Open Source Point of Sale 安全漏洞

Open Source Point of Sale is an open source web-based point of sale system from opensourcepos. A security vulnerability exists in Open Source Point of Sale version v3.4.1, which stems from improper handling of the name parameter in the Create/Update Items module, which could lead to a cross-site...

CVE-2025-66921

CVE-2025-66921 describes a Cross-site scripting (XSS) vulnerability in the Open Source Point of Sale (OSPOS) v3.4.1, specifically in the Create/Update Item(s) Module. The issue arises from improper handling of the name parameter, allowing remote attackers to inject arbitrary web script or HTML. M...