CVE-2016-1912
CVE-2016-1912 describes multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ERP/CRM 3.8.3 that allow remote authenticated users to inject arbitrary script or HTML through the lastname, firstname, email, job, or signature parameters of htdocs/user/card.php. The root cause is inadequate input filtering on these fields, as no...