Filtered by vendor Nchsoftware Subscriptions
Filtered by product Express Accounts Accounting Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2019-16330 1 Nchsoftware 1 Express Accounts Accounting 2024-11-21 5.4 Medium
In NCH Express Accounts Accounting v7.02, persistent cross site scripting (XSS) exists in Invoices/Sales Orders/Items/Customers/Quotes input field. An authenticated unprivileged user can add/modify the Invoices/Sales Orders/Items/Customers/Quotes fields parameter to inject arbitrary JavaScript.