CVE-2022-22293
packagist/dolibarr/dolibarr
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
admin/limits.php in Dolibarr allows HTML injection, as demonstrated by the MAINMAXDECIMALS_TOT parameter.
Version 7.0.2
Upgrade to version 7.0.3 or above.
2022-01-11
source |