3 matches found
CVE-2022-40287 Stored cross-site scripting in PHP Point of Sale version 19.0, by PHP Point of Sale, LLC via user profile data fields.
The application was found to be vulnerable to an authenticated Stored Cross-Site Scripting XSS vulnerability in messaging functionality, leading to privilege escalation or a compromise of a targeted account...
CVE-2022-40287 Stored cross-site scripting in PHP Point of Sale version 19.0, by PHP Point of Sale, LLC via user profile data fields.
The application was found to be vulnerable to an authenticated Stored Cross-Site Scripting XSS vulnerability in messaging functionality, leading to privilege escalation or a compromise of a targeted account...
CVE-2022-40287
The CVE-2022-40287 entry refers to an authenticated Stored Cross-Site Scripting (XSS) vulnerability in PHP Point of Sale, version 19.0, within the messaging functionality. The available connected documents confirm the vulnerability allows privilege escalation or compromise of a targeted account v...