First published: Tue Mar 19 2024(Updated: )
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in UkrSolution Barcode Scanner with Inventory & Order Manager allows Reflected XSS.This issue affects Barcode Scanner with Inventory & Order Manager: from n/a through 1.5.3.
Credit: audit@patchstack.com
Affected Software | Affected Version | How to fix |
---|---|---|
UkrSolution Barcode Scanner and Inventory Manager WordPress | <=1.5.3 | |
WordPress Qr Code and Barcode Scanner Reader | <=1.5.3 |
Update to 1.5.4 or a higher version.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-27998 is classified as a reflected Cross-site Scripting (XSS) vulnerability.
To mitigate CVE-2024-27998, upgrade the Barcode Scanner with Inventory & Order Manager to version 1.5.4 or later.
CVE-2024-27998 affects all versions of the Barcode Scanner with Inventory & Order Manager up to and including 1.5.3.
CVE-2024-27998 allows an attacker to execute arbitrary JavaScript in the context of a user's browser via reflected XSS.
No, the vulnerability affects both the UkrSolution Barcode Scanner with Inventory & Order Manager and the WordPress Barcode Scanner and Inventory manager plugin.