Filtered by vendor Nchsoftware
Subscriptions
Filtered by product Express Accounts Accounting
Subscriptions
Total
1 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2019-16330 | 1 Nchsoftware | 1 Express Accounts Accounting | 2024-11-21 | 5.4 Medium |
In NCH Express Accounts Accounting v7.02, persistent cross site scripting (XSS) exists in Invoices/Sales Orders/Items/Customers/Quotes input field. An authenticated unprivileged user can add/modify the Invoices/Sales Orders/Items/Customers/Quotes fields parameter to inject arbitrary JavaScript. |
Page 1 of 1.