VULNMAP - Security Vulnerabilities

CVE
2019-12941
View CVE 2019-12941

Public CVE-2019-12941 disclosure

In NCH Express Invoice v7.12, persistent cross site scripting (XSS) exists via the Invoices/Items/Customers/Quotes input field. An authenticated unprivileged user can add/modify the Invoices/Items/Customers fields parameter to inject arbitrary JavaScript.

Link not working? No problem! With VULNMAP you always have guaranteed access to security information thanks to reliable backups.

🕰️ View on Wayback Machine 🔍 Search on Google NVD Database CVE.ORG Database
Our backup links ensure that critical data remains always available, even in case of unavailability of original sites.