CVE-2023-39707
CVE-2023-39707 concerns a stored cross-site scripting (XSS) vulnerability in Free and Open Source Inventory Management System v1.0, allowing an attacker to inject arbitrary web scripts via the Add Expense field under Expense. The issue is tied to how input is handled in that parameter, enabling s...