Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Nchsoftware Subscribe
Filtered by product Express Accounts Accounting
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-16330 1 Nchsoftware 1 Express Accounts Accounting 2019-10-21 3.5 LOW 5.4 MEDIUM
In NCH Express Accounts Accounting v7.02, persistent cross site scripting (XSS) exists in Invoices/Sales Orders/Items/Customers/Quotes input field. An authenticated unprivileged user can add/modify the Invoices/Sales Orders/Items/Customers/Quotes fields parameter to inject arbitrary JavaScript.