Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/12/18 12:35 a.m.6 views

CVE-2025-66924

A Cross-site scripting XSS vulnerability in Create/Update Item Kits in Open Source Point of Sale v3.4.1 allows remote attackers to inject arbitrary web script or HTML via the "name" parameter...

6.1CVSS6AI score0.00217EPSS
Exploits1References1
NVD
NVD
added 2025/12/17 6:15 p.m.4 views

CVE-2025-66924

A Cross-site scripting XSS vulnerability in Create/Update Item Kits in Open Source Point of Sale v3.4.1 allows remote attackers to inject arbitrary web script or HTML via the "name" parameter...

6.1CVSS0.00217EPSS
Exploits1References2
OSV
OSV
added 2025/12/17 12:0 a.m.4 views

CVE-2025-66924

A Cross-site scripting XSS vulnerability in Create/Update Item Kits in Open Source Point of Sale v3.4.1 allows remote attackers to inject arbitrary web script or HTML via the "name" parameter...

6.1CVSS5.9AI score0.00217EPSS
Exploits1References4
CVE
CVE
added 2025/12/17 12:0 a.m.11 views

CVE-2025-66924

CVE-2025-66924 (Open Source Point of Sale 3.4.1) : A Cross-site scripting (XSS) vulnerability exists in Create/Update Item Kit(s) that allows remote attackers to inject arbitrary script/HTML via the name parameter. The root cause is an unvalidated/unsanitized name input in item kit creation/updat...

6.1CVSS5.5AI score0.00217EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2025/12/17 12:0 a.m.29 views

CVE-2025-66924

A Cross-site scripting XSS vulnerability in Create/Update Item Kits in Open Source Point of Sale v3.4.1 allows remote attackers to inject arbitrary web script or HTML via the "name" parameter...

0.00217EPSS
Exploits1References2
Rows per page
Query Builder