facturascripts/facturascripts is vulnerable to cross-site scripting. The vulnerability exists due to the lack of sanitization in the ini
parameter in the getPluginInfo
function of PluginManager.php
, allowing an attacker to inject and execute malicious javascript