Reflected cross-site scripting using url based payload in GitHub repository neorazorx/facturascripts prior to 2022.08. This can lead to theft of a user’s cookies, which in turn could lead to account takeover or do other malicious activities in a victim’s browser.