Unrated severityNVD Advisory· Published Feb 26, 2026· Updated Feb 26, 2026
Multiple vulnerabilities in A3factura software
CVE-2026-2679
Description
Reflected Cross-Site Scripting (XSS) on the A3factura web platform, in parameter 'customerName', in 'a3factura-app.wolterskluwer.es/#/incomes/salesInvoices' endpoint, which could allow an attacker to execute arbitrary code in the victim's browser.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: 4.111.2-rev.1
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.