Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Epicor Enterprise 7.4 before FS74SP6HotfixTL054181 allow remote attackers to inject arbitrary web script or HTML via the 1 Notes section to Order details; 2 Description section to "Order to consume"; 3 Favorites name section to Favorites; 4...