Vulnerability Details CVE-2022-40290
The application was vulnerable to an unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability in the barcode generation functionality, allowing attackers to generate an unsafe link that could compromise users.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 29.6%
CVSS Severity
CVSS v3 Score 6.1
Products affected by CVE-2022-40290
-
cpe:2.3:a:phppointofsale:php_point_of_sale:19.0