CVE-2026-8220 | Devs Palace ERP Online up to 4.0.0 /inventory/customer-save cross site scripting

A vulnerability was found in Devs Palace ERP Online up to 4.0.0 and classified as problematic. This affects an unknown function of the file /inventory/customer-save. The manipulation results in cross site scripting.

This vulnerability is identified as CVE-2026-8220. The attack can be executed remotely. Additionally, an exploit exists.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More