The application was vulnerable to an authenticated Stored Cross-Site Scripting (XSS) in the user profile data fields, which could be leveraged to escalate privileges within and compromise any account that views their user profile.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
phppointofsale php point of sale 19.0 |
Vulmon