GHSA-726G-CGCQ-4XW8 Dolibarr Cross-Site Scripting (XSS) vulnerability

Dolibarr ERP/CRM is affected by multiple reflected Cross-Site Scripting XSS vulnerabilities in versions before 5.0.4: index.php leftmenu parameter, core/ajax/box.php PATHINFO, product/stats/card.php type parameter, holiday/list.php monthcreate, monthstart, and monthend parameters, and don/card.ph...

CVE-2017-9838

Dolibarr ERP/CRM is affected by multiple reflected Cross-Site Scripting XSS vulnerabilities in versions before 5.0.4: index.php leftmenu parameter, core/ajax/box.php PATHINFO, product/stats/card.php type parameter, holiday/list.php monthcreate, monthstart, and monthend parameters, and don/card.ph...