Описание
A stored cross-site scripting (XSS) vulnerability in Dolibarr 8.0.2 allows remote authenticated users to inject arbitrary web script or HTML via the "address" (POST) or "town" (POST) parameter to user/card.php.
Ссылки
- PatchThird Party Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:dolibarr:dolibarr_erp\/crm:8.0.2:*:*:*:*:*:*:*
EPSS
Процентиль: 33%
0.00132
Низкий
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 5.4
ubuntu
около 7 лет назад
A stored cross-site scripting (XSS) vulnerability in Dolibarr 8.0.2 allows remote authenticated users to inject arbitrary web script or HTML via the "address" (POST) or "town" (POST) parameter to user/card.php.
CVSS3: 5.4
debian
около 7 лет назад
A stored cross-site scripting (XSS) vulnerability in Dolibarr 8.0.2 al ...
CVSS3: 5.4
github
больше 3 лет назад
Dolibarr stored cross-site scripting (XSS) vulnerability
EPSS
Процентиль: 33%
0.00132
Низкий
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79