|
Description
|
|
(#Several vulnerabilities have been identified in Dolibarr.#A remote attacker could exploit them in order to execute arbitrary JavaScript or HTML code by inciting their victim into following a specially formed link.##These vulnerabilities are located in external calendar URL or the bank name field in the "import external calendar" page.##A proof of concept is available.##Updated, 14/01/2016:#The dolibarr packages provided by Debian Jessie 8 are vulnerable.)
|
