CVE-2022-34578 Information

Description

Open Source Point of Sale v3.3.7 was discovered to contain an arbitrary file upload vulnerability via the Update Branding Settings page.

Reference

https://grimthereaperteam.medium.com/open-source-point-of-sale-v3-3-7-file-upload-cross-site-scripting-4900d717b2c3