6 matches found
CVE-2025-66921
A Cross-site scripting XSS vulnerability in Create/Update Items Module in Open Source Point of Sale v3.4.1 allows remote attackers to inject arbitrary web script or HTML via the "name" parameter...
CVE-2025-66921
A Cross-site scripting XSS vulnerability in Create/Update Items Module in Open Source Point of Sale v3.4.1 allows remote attackers to inject arbitrary web script or HTML via the "name" parameter...
CVE-2025-66921
A Cross-site scripting XSS vulnerability in Create/Update Items Module in Open Source Point of Sale v3.4.1 allows remote attackers to inject arbitrary web script or HTML via the "name" parameter...
CVE-2025-66921
CVE-2025-66921 describes a Cross-site scripting (XSS) vulnerability in the Open Source Point of Sale (OSPOS) v3.4.1, specifically in the Create/Update Item(s) Module. The issue arises from improper handling of the name parameter, allowing remote attackers to inject arbitrary web script or HTML. M...
PT-2025-51847
A Cross-site scripting XSS vulnerability in Create/Update Items Module in Open Source Point of Sale v3.4.1 allows remote attackers to inject arbitrary web script or HTML via the "name" parameter...
Open Source Point of Sale 安全漏洞
Open Source Point of Sale is an open source web-based point of sale system from opensourcepos. A security vulnerability exists in Open Source Point of Sale version v3.4.1, which stems from improper handling of the name parameter in the Create/Update Items module, which could lead to a cross-site...