Discovered by Edward Prior on behalf of The Missing Link Security
The application was found to be vulnerable to an unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability in the barcode generation functionality. Allowing attackers to generate an unsafe link that could compromise users who click on the unsafe link.
Discovered in: 19.0
Fixed In: 19.0 minor release