CVE-2011-4814
Multiple cross-site scripting XSS vulnerabilities in Dolibarr 3.1.0 RC and probably earlier allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 index.php, 2 admin/boxes.php, 3 comm/clients.php, 4 commande/index.php; and the optioncss parameter to 5 admin/ihm.php an...