Description
Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr 3.1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the username parameter in a setup action to admin/company.php, or the PATH_INFO to (2) admin/security_other.php, (3) admin/events.php, or (4) admin/user.php.
Remediation
References
Related Vulnerabilities
concrete5 Server-Side Request Forgery (SSRF) Vulnerability (CVE-2018-13790)
Oracle Database Server CVE-2020-2516 Vulnerability (CVE-2020-2516)
WebLogic CVE-2020-2828 Vulnerability (CVE-2020-2828)
Python Other Vulnerability (CVE-2002-1119)
PrestaShop Improper Privilege Management Vulnerability (CVE-2013-6295)