CVE-2026-2678

UNKNOWN 0.0

Multiple vulnerabilities in A3factura software

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Reflected Cross-Site Scripting (XSS) on the A3factura web platform, in parameter 'name', parameter 'name', in 'a3factura-app.wolterskluwer.es/#/incomes/customers' endpoint, which could allow an attacker to execute arbitrary code in the victim's browser.

CWE	CWE-79
Vendor	a3factura
Product	a3factura
Published	Feb 26, 2026
Last Updated	Feb 26, 2026

Stay Ahead of the Next One

Get instant alerts for a3factura a3factura

Be the first to know when new unknown vulnerabilities affecting a3factura a3factura are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

A3factura / A3factura

4.111.2-rev.1

References

NVD ↗ CVE.org ↗ EPSS Data ↗

incibe.es: https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-a3factura-software

Credits

David Padilla Alvarado