Описание
Cross Site Scripting vulnerability in Dolibarr ERP CRM v.17.0.1 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the REST API module, related to analyseVarsForSqlAndScriptsInjection and testSqlAndScriptInject.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | DNE | |
| esm-apps/xenial | needs-triage | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | DNE | |
| lunar | DNE | |
| mantic | DNE | |
| noble | DNE | |
| oracular | DNE |
Показывать по
10
EPSS
Процентиль: 89%
0.05006
Низкий
9.6 Critical
CVSS3
Связанные уязвимости
CVSS3: 9.6
nvd
больше 2 лет назад
Cross Site Scripting vulnerability in Dolibarr ERP CRM v.17.0.1 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the REST API module, related to analyseVarsForSqlAndScriptsInjection and testSqlAndScriptInject.
CVSS3: 9.6
debian
больше 2 лет назад
Cross Site Scripting vulnerability in Dolibarr ERP CRM v.17.0.1 and be ...
CVSS3: 9.6
github
больше 2 лет назад
Cross Site Scripting vulnerability in Dolibarr ERP CRM
EPSS
Процентиль: 89%
0.05006
Низкий
9.6 Critical
CVSS3