10 matches found
EUVD-2026-22282
FacturaScripts has Stored Cross-Site Scripting XSS in "Observations" field via History View...
CVE-2026-23997
FacturaScripts is open-source enterprise resource planning and accounting software. In 2025.71 and earlier, a Stored Cross-Site Scripting XSS vulnerability was discovered in the Observations field. The flaw occurs in the History view, where historical data is rendered without proper HTML entity...
CVE-2026-23997 FacturaScripts has a Stored Cross-Site Scripting (XSS) in "Observations" field via History View
FacturaScripts is open-source enterprise resource planning and accounting software. In 2025.71 and earlier, a Stored Cross-Site Scripting XSS vulnerability was discovered in the Observations field. The flaw occurs in the History view, where historical data is rendered without proper HTML entity...
CVE-2026-23997
FacturaScripts is open-source enterprise resource planning and accounting software. In 2025.71 and earlier, a Stored Cross-Site Scripting XSS vulnerability was discovered in the Observations field. The flaw occurs in the History view, where historical data is rendered without proper HTML entity...
CVE-2026-23997 FacturaScripts has a Stored Cross-Site Scripting (XSS) in "Observations" field via History View
FacturaScripts is open-source enterprise resource planning and accounting software. In 2025.71 and earlier, a Stored Cross-Site Scripting XSS vulnerability was discovered in the Observations field. The flaw occurs in the History view, where historical data is rendered without proper HTML entity...
CVE-2026-23997
CVE-2026-23997 : FacturaScripts has a Stored Cross-Site Scripting (XSS) in the Observations field via the History view. In affected versions (2025.71 and earlier), data rendered in History is not HTML-encoded, allowing an attacker with note-editing permissions to inject JavaScript that executes i...
GHSA-4V7V-7V7R-3R5H FacturaScripts has Stored Cross-Site Scripting (XSS) in "Observations" field via History View
Summary A Stored Cross-Site Scripting XSS vulnerability was discovered in the Observations field. The flaw occurs in the History view, where historical data is rendered without proper HTML entity encoding. This allows an attacker to execute arbitrary JavaScript in the browser of viewing the histo...
FacturaScripts has Stored Cross-Site Scripting (XSS) in "Observations" field via History View
Summary A Stored Cross-Site Scripting XSS vulnerability was discovered in the Observations field. The flaw occurs in the History view, where historical data is rendered without proper HTML entity encoding. This allows an attacker to execute arbitrary JavaScript in the browser of viewing the histo...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS in the Observations field in the History view. An attacker can execute arbitrary JavaScript code in the context of an administrator's browser session by injecting malicious scripts into the Observations field,...
PT-2026-5714
Name of the Vulnerable Software and Affected Versions FacturaScripts versions 2025.71 and earlier Description FacturaScripts software contains a Stored Cross-Site Scripting XSS flaw within the Observations field in the History view. The application fails to properly encode HTML entities when...