Description
Dolibarr ERP/CRM 3.0 through 10.0.3 allows XSS via the qty parameter to product/fournisseurs.php (product price screen).
Remediation
References