Description
Cross Site Scripting vulnerability in Dolibarr ERP CRM v.17.0.1 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the REST API module, related to analyseVarsForSqlAndScriptsInjection and testSqlAndScriptInject.
Remediation
References
Related Vulnerabilities
Oracle HTTP Server NULL Pointer Dereference Vulnerability (CVE-2021-34798)
WordPress Plugin Bing Site Verification using Meta Tag Cross-Site Scripting (1.0)
WordPress Plugin Teaser Maker Cross-Site Scripting (0.1.114)
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-5730)