Description
admin/limits.php in Dolibarr 7.0.2 allows HTML injection, as demonstrated by the MAIN_MAX_DECIMALS_TOT parameter.
Remediation
References
Related Vulnerabilities
MySQL CVE-2019-2834 Vulnerability (CVE-2019-2834)
WordPress Plugin Multisite Global Search 'mssearch' Parameter Cross-Site Scripting (1.2.5)
WordPress Plugin Site Import Remote File Inclusion (1.0.1)
Oracle JRE Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-10356)