2 matches found
CVE-2022-1571
Cross-site scripting - Reflected in Create Subaccount in GitHub repository neorazorx/facturascripts prior to 2022.07. This vulnerability can be arbitrarily executed javascript code to steal user'cookie, perform HTTP request, get content of same origin page, etc...
CVE-2022-1571
CVE-2022-1571 affects FacturaScripts (ERP) prior to 2022.07 via a reflected cross-site scripting flaw in the Create Subaccount flow of the neorazorx/facturascripts codebase. The vulnerability allows executing arbitrary JavaScript in a user’s browser, enabling cookie theft, outbound requests, and ...