Description

Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr 3.1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the username parameter in a setup action to admin/company.php, or the PATH_INFO to (2) admin/security_other.php, (3) admin/events.php, or (4) admin/user.php.

Remediation

References

CVE-2011-4329

Related Vulnerabilities

Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-45150)

WordPress Plugin Essential Addons for Elementor Cross-Site Scripting (5.0.8)

WordPress Plugin WPS Cleaner Multiple Cross-Site Request Forgery Vulnerabilities (1.4.4)

WordPress Plugin Google SEO Pressor for Rich snippets Cross-Site Scripting (1.2.6)

MySQL CVE-2022-39402 Vulnerability (CVE-2022-39402)

Severity

Medium

Classification

CVE-2011-4329 CWE-707

Tags

Missing Update Known Vulnerabilities