Description admin/limits.php in Dolibarr 7.0.2 allows HTML injection, as demonstrated by the MAIN_MAX_DECIMALS_TOT parameter. Remediation References CVE-2022-22293 Related Vulnerabilities Magento Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2021-21018) WordPress Plugin Premmerce Variation Swatches for WooCommerce Security Bypass (1.0) WordPress Plugin Markup (JSON-LD) structured in schema.org Cross-Site Scripting (4.8.1) Microsoft SQL Server CVE-2023-36728 Vulnerability (CVE-2023-36728) WordPress Plugin Popup, Optin Form & Email Newsletters for Mailchimp, HubSpot, Aweber-MailOptin Security Bypass (1.2.35.1) Severity Medium Classification CVE-2022-22293 CWE-707 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Tags Missing Update Known Vulnerabilities