CVE-2024-28734

Cross Site Scripting vulnerability in Unit4 Financials by Coda prior to 2023Q4 allows a remote attacker to run arbitrary code via a crafted GET request using the cols parameter. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt