CNNVD-202602-2161 Information

CNNVD ID

CNNVD-202602-2161

Related CVE

CVE-2025-70092

• CNNVD Published: 2026-02-12

Description (Chinese)

opensourcepos是opensourcepos开源的一个销售点系统。 OpenSourcePOS 3.4.1版本存在安全漏洞，该漏洞源于Item Kits函数对Item Name参数输入验证不足，可能导致跨站脚本攻击。

Description (English)

Opensourcepos is an open-source marketing point system. OpensourcePOS 3.4.1 has a security loophole, which stems from the insufficient validation of the Item Kits function for the Item Name parameter, which may result in a cross-site script attack.

Vulnerability Type

其他

Affected Vendor

opensourcepos

Published

2026-02-12

Last Modified

2026-02-24

References

https://github.com/hungnqdz/cve-research/blob/main/CVE-2025-70092.md https://access.redhat.com/security/cve/cve-2025-70092

Patch

https://github.com/opensourcepos/opensourcepos/releases