Vulnerabilities > Bigprof > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-22 | CVE-2021-21260 | Cross-site Scripting vulnerability in Bigprof Online Invoicing System 4.0 Online Invoicing System (OIS) is open source software which is a lean invoicing system for small businesses, consultants and freelancers created using AppGini. | 3.5 |
| 2020-12-24 | CVE-2020-35677 | Cross-site Scripting vulnerability in Bigprof Online Invoicing System BigProf Online Invoicing System before 4.0 fails to adequately sanitize fields for HTML characters upon an administrator using admin/pageEditGroup.php to create a new group, resulting in Stored XSS. | 3.5 |