CVE-2022-2016

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in packagist/facturascripts/facturascripts

Identifiers

GHSA-j8c7-3jpq-8985, CVE-2022-2016

Package Slug

packagist/facturascripts/facturascripts

Vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Description

neorazorx/facturascripts suffers from a reflected Cross-site Scripting (XSS). This vulnerability has the potential to deface websites, result in compromised user accounts, and can run malicious code on web pages, which can lead to a compromise of the user’s device.

Affected Versions

All versions up to 2022.08

Solution

Unfortunately, there is no solution available yet.

Last Modified

2022-06-13

source