ГлавнаяУязвимости → CVE-2025-66921
7.2высокая

CVE-2025-66921

Описание

A Cross-site scripting (XSS) vulnerability in Create/Update Item(s) Module in Open Source Point of Sale v3.4.1 allows remote attackers to inject arbitrary web script or HTML via the "name" parameter.

Затрагиваемое ПО
Opensourcepos Open source point of sale
CVSS
Балл7.2 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/omkaryepre/vulnerability-research/blob/main/CVE-2025-66921/readme.mdhttps://github.com/opensourcepos/opensourceposhttps://github.com/omkaryepre/vulnerability-research/blob/main/CVE-2025-66921/readme.md