Multiple cross-site scripting vulnerabilities in Dolibarr ERP/CRM (CNVD-2016-00438)
Dolibarr ERP/CRM is a web-based enterprise resource planning (ERP) and customer relationship management (CRM) system. The htdocs/user/card.php script in Dolibarr ERP/CRM fails to adequately filter the 'lastname', 'firstname', 'email', 'job', and 'signature' parameters, allowing remote attackers to exploit...