Lucene search
Veracode Vulnerability DatabaseVERACODE:33510HistoryJan 04, 2022 - 1:38 p.m.
HTML Injection
2022-01-0413:38:28
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
0.001 Low
EPSS
Percentile
21.9%
dolibarr/dolibarr is vulnerable to HTML injection. If there is no canonical URL defined during setup, a malicious user can initiate a POST request with any domain name in the HOST header, allowing for arbitrary domains to be set for certain links.
| CPE | Name | Operator | Version |
|---|---|---|---|
| dolibarr/dolibarr | le | 7.0.5 | |
| dolibarr/dolibarr | le | 7.0.5 |
Related
ubuntucve
ubuntucve
CVE-2022-22293
2022-01-02 00:00:00
cnvd
cnvd
Dolibarr has unspecified vulnerabilities
2022-01-05 00:00:00
github
github
Cross site scripting in dolibarr
2022-01-03 00:00:59
osv
osv
Cross site scripting in dolibarr
2022-01-03 00:00:59
CVE-2022-22293
2022-01-02 00:15:09
cve
cve
CVE-2022-22293
2022-01-02 00:15:09
prion
prion
Design/Logic Flaw
2022-01-02 00:15:00
nvd
nvd
CVE-2022-22293
2022-01-02 00:15:09
cvelist
cvelist
CVE-2022-22293
2022-01-01 23:52:49