[HIGH] FacturaScripts has Stored Cross-Site Scripting (XSS) in "Observations" field via History View

PKSA-xpcq-5crs-c78v CVE-2026-23997 GHSA-4v7v-7v7r-3r5h

Affected package: facturascripts/facturascripts

Affected version: <=2025.71

Reported by:
GitHub