CVE-2025-41011
Vulnerability Description
HTML injection vulnerability in PHP Point of Sale v19.4. This vulnerability allows an attacker to render HTML in the victim's browser due to a lack of proper validation of user input by sending a request to '/reports/generate/specific_customer', ussing 'start_date_formatted' y 'end_date_formatted' parameters.
Vulnerability Details
Published Date
Last Modified
CWE ID
CWE-79
Source
NVD
Vendor
PHP Point Of Sale
Product
PHP Point Of Sale
Discussion (0)
Add Comment
No comments yet. Be the first!