CNNVD-202512-3267 Information

Dec 17, 2025 cve

CNNVD ID

CNNVD-202512-3267

CVE-2025-66924

CNNVD Published: 2025-12-17

Description (Chinese)

Open Source Point of Sale是一个基于网络的销售点系统。 Open Source Point of Sale 3.4.1版本存在安全漏洞，该漏洞源于name参数未经验证，可能导致跨站脚本攻击。

Description (English)

Open Source Point of Sale is a web-based marketing point system. Open Source Point of Sale 3.4.1 contains a security loophole that originates from unverified name parameters and may lead to cross-site script attacks.

Hazard Level

High

Vulnerability Type

其他

Published

2025-12-17

Last Modified

2026-02-24

References

https://github.com/omkaryepre/vulnerability-research/blob/main/CVE-2025-66924/readme.md https://github.com/opensourcepos/opensourcepos https://access.redhat.com/security/cve/cve-2025-66924

Patch

https://opensourcepos.org/

Share on: