exploitDog

GHSA-jm25-jfc5-xhx6

Опубликовано: 26 фев. 2026

Источник: github

Github: Не прошло ревью

CVSS4: 4.8

CVSS3: 6.1

Описание

Reflected Cross-Site Scripting (XSS) on the A3factura web platform, in parameter 'customerName', in 'a3factura-app.wolterskluwer.es/#/incomes/salesInvoices' endpoint, which could allow an attacker to execute arbitrary code in the victim's browser.

Reflected Cross-Site Scripting (XSS) on the A3factura web platform, in parameter 'customerName', in 'a3factura-app.wolterskluwer.es/#/incomes/salesInvoices' endpoint, which could allow an attacker to execute arbitrary code in the victim's browser.

Ссылки

EPSS

Процентиль: 14%

0.00045

Низкий

4.8 Medium

CVSS4

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2026-2679

CVSS3: 6.1

nvd

4 месяца назад

Reflected Cross-Site Scripting (XSS) on the A3factura web platform, in parameter 'customerName', in 'a3factura-app.wolterskluwer.es/#/incomes/salesInvoices' endpoint, which could allow an attacker to execute arbitrary code in the victim's browser.

EPSS

Процентиль: 14%

0.00045

Низкий

4.8 Medium

CVSS4

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79