CVE-2025-68147 | Open Source Point of Sale up to 3.4.1 Configuration Return Policy cross site scripting

A vulnerability was found in Open Source Point of Sale up to 3.4.1. It has been classified as problematic. This affects an unknown part of the component Configuration Handler. The manipulation of the argument Return Policy leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2025-68147. The attack is possible to be carried out remotely. No exploit exists.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More