Lucene search
GoogleOSV:CVE-2017-17971HistoryDec 29, 2017 - 6:29 p.m.
CVE-2017-17971
2017-12-2918:29:00
Google
osv.dev
4
0.001 Low
EPSS
Percentile
34.2%
The test_sql_and_script_inject function in htdocs/main.inc.php in Dolibarr ERP/CRM 6.0.4 blocks some event attributes but neither onclick nor onscroll, which allows XSS.
References
Related
osv
osv
Dolibarr ERP and CRM contain XSS Vulnerability
2022-05-14 03:50:13
openvas
openvas
Dolibarr < 7.0.1 XSS Vulnerability
2018-01-04 00:00:00
cve
cve
CVE-2017-17971
2022-10-03 16:23:20
nvd
nvd
CVE-2017-17971
2017-12-29 18:29:00
github
github
Dolibarr ERP and CRM contain XSS Vulnerability
2022-05-14 03:50:13
prion
prion
Cross site scripting
2017-12-29 18:29:00
ubuntucve
ubuntucve
CVE-2017-17971
2017-12-29 00:00:00
cvelist
cvelist
CVE-2017-17971
2022-10-03 16:23:20