GCVE - cpe:2.3:a:a3factura:a3factura:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:a3factura:a3factura:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	A3Factura (`2e63105a-6226-5ea1-98fc-3379902e9005`)
Product	A3Factura (`910ea1cb-fc18-5b9a-bca4-e6306139e09b`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2026-2680`	vulnerable	2026-06-03 15:19:24.771517	Multiple vulnerabilities in A3factura software Reflected Cross-Site Scripting (XSS) on the A3factura web platform, in parameter 'customerVATNumber', in 'a3factura-app.wolterskluwer.es/#/incomes/salesDeliveryNotes' endpoint, which could allow an attacker to execute arbitrary code in the victim's browser. Published: 2026-02-26T12:18:48.247Z Updated: 2026-02-26T14:04:31.184Z Open on db.gcve.eu Reference links https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-a3factura-software	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2026-2679`	vulnerable	2026-06-03 15:19:24.771046	Multiple vulnerabilities in A3factura software Reflected Cross-Site Scripting (XSS) on the A3factura web platform, in parameter 'customerName', in 'a3factura-app.wolterskluwer.es/#/incomes/salesInvoices' endpoint, which could allow an attacker to execute arbitrary code in the victim's browser. Published: 2026-02-26T12:18:13.402Z Updated: 2026-02-26T14:06:26.035Z Open on db.gcve.eu Reference links https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-a3factura-software	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2026-2678`	vulnerable	2026-06-03 15:19:24.770376	Multiple vulnerabilities in A3factura software Reflected Cross-Site Scripting (XSS) on the A3factura web platform, in parameter 'name', parameter 'name', in 'a3factura-app.wolterskluwer.es/#/incomes/customers' endpoint, which could allow an attacker to execute arbitrary code in the victim's browser. Published: 2026-02-26T12:17:17.445Z Updated: 2026-02-26T14:09:15.966Z Open on db.gcve.eu Reference links https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-a3factura-software	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2026-2677`	vulnerable	2026-06-03 15:19:24.766759	Multiple vulnerabilities in A3factura software Reflected Cross-Site Scripting (XSS) on the A3factura web platform, in parameter 'name', in 'a3factura-app.wolterskluwer.es/#/incomes/representatives-management' endpoint, which could allow an attacker to execute arbitrary code in the victim's browser. Published: 2026-02-26T12:16:03.068Z Updated: 2026-02-26T14:13:41.794Z Open on db.gcve.eu Reference links https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-a3factura-software	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.