Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2015-8685

Опубликовано: 15 янв. 2016
Источник: debian

Описание

Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ERP/CRM 3.8.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) external calendar url or (2) the bank name field in the "import external calendar" page.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
dolibarrfixed3.5.8+dfsg1-1package
dolibarrfixed3.5.5+dfsg1-1+deb8u1jessiepackage

Примечания

  • https://github.com/Dolibarr/dolibarr/issues/4291

  • https://github.com/GPCsolutions/dolibarr/commit/0d3181324c816bdf664ca5e1548dfe8eb05c54f8

Связанные уязвимости

ubuntu логотип

CVE-2015-8685

CVSS3: 6.1
ubuntu
около 10 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ERP/CRM 3.8.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) external calendar url or (2) the bank name field in the "import external calendar" page.

nvd логотип

CVE-2015-8685

CVSS3: 6.1
nvd
около 10 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ERP/CRM 3.8.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) external calendar url or (2) the bank name field in the "import external calendar" page.

github логотип

GHSA-wxr6-m6q4-j9m4

CVSS3: 6.1
github
больше 3 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ERP/CRM 3.8.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) external calendar url or (2) the bank name field in the "import external calendar" page.