2 matches found
Cross-Site Scripting (XSS)
dolibarr/dolibarr is vulnerable to cross-site scripting XSS attacks. A malicious user can inject and execute arbitrary script via the url bar of the doli/societe/list.php page...
UBUNTU-CVE-2015-3935
Multiple cross-site scripting XSS vulnerabilities in Dolibarr ERP/CRM 3.5 and 3.6 allow remote attackers to inject arbitrary web script or HTML via the Business Search searchnom field to 1 htdocs/societe/societe.php or 2 htdocs/societe/admin/societe.php...