A vulnerability, which was classified as problematic, has been found in BigProf Online Invoicing System 2.6. Affected by this issue is some unknown functionality of the file /invoicing/app/invoices_view.php. The manipulation of the argument FirstRecord leads to cross site scripting.
This vulnerability is handled as CVE-2023-6426. The attack may be launched remotely. There is no exploit available.