facturascripts/facturascripts is vulnerable to cross-site scripting. The vulnerability exists due to the lack of sanitization in the ini
parameter in the getPluginInfo
function of PluginManager.php
, allowing an attacker to inject and execute malicious javascript
CPE | Name | Operator | Version |
---|---|---|---|
facturascripts/facturascripts | le | v2021.81 | |
facturascripts/facturascripts | le | v2021.81 |