Cross Site Scripting vulnerability in Dolibarr ERP CRM v.17.0.1 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the REST API module, related to analyseVarsForSqlAndScriptsInjection and testSqlAndScriptInject.
CPE | Name | Operator | Version |
---|---|---|---|
dolibarr_erp\\/crm | le | 17.0.1 |