2 matches found
CVE-2024-23867
CVE-2024-23867 affects Cups Easy (Purchase & Inventory) 1.0, where user-controlled input in the stateid parameter of /cupseasylive/statecreate.php is not sufficiently encoded, enabling a Cross-Site Scripting (XSS) vulnerability. The vulnerability could allow a remote attacker to deliver a crafted...
CVE-2024-23867 Cross-Site Scripting (XSS) vulnerability in Cups Easy
A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/statecreate.php, in the stateid parameter. Exploitation of this vulnerability coul...