CVE-2016-1912

Published
View on NVD ↗
CVSS v3
N/A
CVSS v2
3.5
LOW
Affected
1
PROJECT

Description

Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ERP/CRM 3.8.3 allow remote authenticated users to inject arbitrary web script or HTML via the (1) lastname, (2) firstname, (3) email, (4) job, or (5) signature parameter to htdocs/user/card.php.

Dolibarr/dolibarr
Dolibarr/dolibarr
Dolibarr ERP CRM is a modern software package to manage your company or foundation's activity (contacts, suppliers, invoices, orders, stocks, agenda, accounting, ...). it's an open source Web application (written in PHP) designed for businesses of any sizes, foundations and freelancers.
GitHubGitHub
7.31K