Vulnerabilities > Nchsoftware > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-28 | CVE-2020-13473 | Cleartext Storage of Sensitive Information vulnerability in Nchsoftware Express Accounts 8.24 NCH Express Accounts 8.24 and earlier allows local users to discover the cleartext password by reading the configuration file. | 2.1 |
| 2020-12-28 | CVE-2020-13476 | Cross-site Scripting vulnerability in Nchsoftware Express Invoice 8.06/8.24 NCH Express Invoice 8.06 to 8.24 is vulnerable to Reflected XSS in the Quotes List module. | 3.5 |
| 2019-10-17 | CVE-2019-16330 | Cross-site Scripting vulnerability in Nchsoftware Express Accounts Accounting 7.02 In NCH Express Accounts Accounting v7.02, persistent cross site scripting (XSS) exists in Invoices/Sales Orders/Items/Customers/Quotes input field. | 3.5 |
| 2019-10-14 | CVE-2019-16282 | Cross-site Scripting vulnerability in Nchsoftware Express Invoice 7.12 In NCH Express Invoice v7.12, persistent cross site scripting (XSS) exists via the Invoices/Items/Customers/Quotes input field. | 3.5 |