Cups Easy cross-site scripting vulnerability (CNVD-2024-12238)

Cups Easy is a PHP-based purchasing and inventory software that may become a full-fledged ERP in the future. Cups Easy suffers from a cross-site scripting vulnerability that stems from insufficient escaping of the description parameter on the /cupseasylive/taxstructurecreate.php page. An attacker...