Lucene search
Veracode Vulnerability DatabaseVERACODE:8115HistoryJan 04, 2019 - 5:53 a.m.
Cross-Site Scripting (XSS)
2019-01-0405:53:02
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
0.001 Low
EPSS
Percentile
46.7%
dolibarr is vulnerable to cross-site scripting (XSS). The vulnerability is possible as it does not sanitize the employee parameter in user/card.php, which would allow a remote attacker to inject arbitrary Javascript into a victim’s browser.
| CPE | Name | Operator | Version |
|---|---|---|---|
| dolibarr/dolibarr | le | 8.0.3 | |
| dolibarr/dolibarr | le | 8.0.3 |
Related
cvelist
cvelist
CVE-2018-19998
2019-01-03 19:00:00
cve
cve
CVE-2018-19998
2019-01-03 19:29:01
osv
osv
CVE-2018-19998
2019-01-03 19:29:01
Dolibarr SQL injection vulnerability in user/card.php
2022-05-14 01:41:36
ubuntucve
ubuntucve
CVE-2018-19998
2019-01-03 00:00:00
prion
prion
Sql injection
2019-01-03 19:29:00
nvd
nvd
CVE-2018-19998
2019-01-03 19:29:01
github
github
Dolibarr SQL injection vulnerability in user/card.php
2022-05-14 01:41:36
openvas
openvas
Dolibarr < 8.0.4 Multiple Vulnerabilities
2019-01-04 00:00:00