Description
A stored cross-site scripting (XSS) vulnerability in Dolibarr 8.0.2 allows remote authenticated users to inject arbitrary web script or HTML via the "address" (POST) or "town" (POST) parameter to user/card.php.
Remediation
References
Related Vulnerabilities
WordPress Plugin Simple Download Button Shortcode 'file' Parameter Information Disclosure (1.0)
Apache 2.x version older than 2.2.6
Opencart Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-47444)
WordPress Plugin Free counter Cross-Site Scripting (1.1)
WordPress Plugin Easy Social Icons Cross-Site Scripting (3.0.8)