4 matches found
BIT-DOLIBARR-2020-11823
In Dolibarr 10.0.6, if USER_LOGIN_FAILED is active, there is a stored XSS vulnerability on the admin tools -- audit page. This may lead to stealing of the admin account...
PT-2020-12872 · Dolibarr · Dolibarr
Name of the Vulnerable Software and Affected Versions: Dolibarr version 10.0.6 Description: A stored XSS issue exists in the admin tools -- audit page when the USER LOGIN FAILED feature is active. This could potentially allow for the theft of an admin account. Recommendations: For Dolibarr versio...
CVE-2014-3549
Cross-site scripting (XSS) vulnerability in the get_description function in lib/classes/event/user_login_failed.php in Moodle 2.7.x before 2.7.1 allows remote attackers to inject arbitrary web script or HTML via a crafted username that is improperly handled during the logging of an invalid login attem...
Cross site scripting
Cross-site scripting (XSS) vulnerability in the get_description function in lib/classes/event/user_login_failed.php in Moodle 2.7.x before 2.7.1 allows remote attackers to inject arbitrary web script or HTML via a crafted username that is improperly handled during the logging of an invalid login attem...