Unrated severityNVD Advisory· Published Feb 26, 2026· Updated Feb 26, 2026
Multiple vulnerabilities in A3factura software
CVE-2026-2677
Description
Reflected Cross-Site Scripting (XSS) on the A3factura web platform, in parameter 'name', in 'a3factura-app.wolterskluwer.es/#/incomes/representatives-management' endpoint, which could allow an attacker to execute arbitrary code in the victim's browser.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: 4.111.2-rev.1
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.