Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-m8gv-gvhf-7rhp: Cross-site Scripting in FacturaScripts

FacturaScripts versions 2022.06 and prior are vulnerable to reflected cross-site scripting attacks. This vulnerability can use arbitrarily executed javascript code to steal users’ cookies, perform HTTP request, get content of same origin page, etc. A fix is available on the master branch of the GitHub repository and anticipated to be part of version 2022.07.

ghsa
#xss#vulnerability#git#java

Cross-site Scripting in FacturaScripts

Moderate severity GitHub Reviewed Published May 5, 2022 • Updated May 24, 2022

Related news

CVE-2022-1571: Cross-site scripting - Reflected in Create Subaccount in facturascripts

Cross-site scripting - Reflected in Create Subaccount in GitHub repository neorazorx/facturascripts prior to 2022.07. This vulnerability can be arbitrarily executed javascript code to steal user'cookie, perform HTTP request, get content of `same origin` page, etc ...