Description
Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ERP/CRM 3.8.3 allow remote authenticated users to inject arbitrary web script or HTML via the (1) lastname, (2) firstname, (3) email, (4) job, or (5) signature parameter to htdocs/user/card.php.
Remediation
References
Related Vulnerabilities
Open Resty Uncontrolled Resource Consumption Vulnerability (CVE-2023-44487)
WordPress Plugin WP Limit Posts Automatically Cross-Site Request Forgery (0.7)
Joomla Numeric Errors Vulnerability (CVE-2008-4102)
PHP Other Vulnerability (CVE-2016-7478)
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-0664)