CVE-2024-23874
CVE-2024-23874 affects Cups Easy (Purchase & Inventory) v1.0. A Cross-Site Scripting (XSS) flaw exists in the address1 parameter of /cupseasylive/companymodify.php caused by insufficient encoding of user-controlled input. This could allow a remote attacker to entice an authenticated user to visit...