CNNVD-202602-2281 Information

CNNVD ID

CNNVD-202602-2281

Related CVE

CVE-2025-70095

• CNNVD Published: 2026-02-13

Description (Chinese)

opensourcepos是opensourcepos开源的一个销售点系统。 opensourcepos 3.4.1版本存在安全漏洞，该漏洞源于item management和sales invoice函数输入验证不足，可能导致跨站脚本攻击。

Description (English)

Opensourcepos is an open-source marketing point system. There is a security loophole in version 3.4.1, which stems from the insufficiency of validation in the setsem capability and sales input functions, which may result in cross-site script attacks.

Vulnerability Type

其他

Affected Vendor

opensourcepos

Published

2026-02-13

Last Modified

2026-02-24

References

https://github.com/hungnqdz/cve-research/blob/main/CVE-2025-70095.md https://github.com/opensourcepos/opensourcepos

Patch

https://github.com/opensourcepos/opensourcepos/releases