14 Oct 2019
Vulnérabilité CVE-2019-16282 CVE Vulnerability
In NCH Express Invoice v7.12, persistent cross site scripting (XSS) exists via the Invoices/Items/Customers/Quotes input field. An authenticated unprivileged user can add/modify the Invoices/Items/Customers fields parameter to inject arbitrary JavaScript. (CVSS:0.0) (Last Update:2019-10-14)
Vulnerability Details : In NCH Express Invoice v7.12, persistent cross site scripting (XSS) exists via the Invoices/Items/Customers/Quotes input field. An authenticated unprivileged user can add/modify the Invoices/Items/Customers fields parameter to inject arbitrary JavaScript. Publish Date : 2019-10-14 Last Update Date : 2019-10-14 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2019-16282
- References For CVE-2019-16282
| ||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2019-16282There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |