Uyumsoft Information System and Technologies CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM Uyumsoft Information System and Technologies CVE published 2023-12-21

CVE-2023-5989

CVE-2023-5989 describes a stored cross-site scripting (XSS) issue in Uyumsoft Information System and Technologies' LioXERP before v0.146. The supplied description says an authenticated user can execute stored XSS, while the NVD record assigns a network-reachable CVSS 3.1 score of 6.1 with user interaction required. Because stored XSS can affect other users who view the injected content, this issue should [truncated]

MEDIUM Uyumsoft Information System and Technologies CVE published 2023-12-21

CVE-2023-5988

CVE-2023-5988 is a reflected cross-site scripting (XSS) vulnerability in Uyumsoft Information System and Technologies' LioXERP. According to the supplied sources, versions before v.146 are affected. The issue was published on 2023-12-21 and carries a CVSS 3.1 score of 6.1 (Medium).