2 matches found
CVE-2015-8685
CVE-2015-8685 affects Dolibarr ERP/CRM (3.8.3 and earlier). The issue is multiple cross-site scripting (XSS) vulnerabilities where untrusted data is not properly escaped in two fields on the import external calendar page: (1) the external calendar URL and (2) the Bank Name field. This allows remo...
dolibarr HTML Injection
Title: HTML Injection in dolibarr Author: Sergio Galán - @NaxoneZ Date: Dec 24,2015 Vendor Homepage: http://www.dolibarr.es/ Vulnerable version: More Info =======https://github.com/Dolibarr/dolibarr/issues/4291 Fixed =======...