Security Advisory
CVE-2025-70095
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
A cross-site scripting (XSS) vulnerability in the item management and sales invoice function of OpenSourcePOS v3.4.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload.