CVE-2022-22293: XSS
First published: Sat Jan 01 2022(Updated: )
admin/limits.php in Dolibarr 7.0.2 allows HTML injection, as demonstrated by the MAIN_MAX_DECIMALS_TOT parameter.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dolibarr Dolibarr Erp\/crm | =7.0.2 | |
| =7.0.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this Dolibarr issue?
The vulnerability ID for this Dolibarr issue is CVE-2022-22293.
What is the severity rating of CVE-2022-22293?
CVE-2022-22293 has a severity rating of medium (5.4).
Which version of Dolibarr is affected by CVE-2022-22293?
Dolibarr version 7.0.2 is affected by CVE-2022-22293.
What is the main issue with CVE-2022-22293?
The main issue with CVE-2022-22293 is HTML injection in admin/limits.php.
How can I fix the HTML injection issue in Dolibarr 7.0.2?
To fix the HTML injection issue in Dolibarr 7.0.2, it is recommended to upgrade to a patched version of the software.
- collector/nvd-index
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/first-publish-date
- agent/description
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/author
- agent/softwarecombine
- agent/tags
- agent/event
- vendor/dolibarr
- canonical/dolibarr dolibarr erp\/crm
- version/dolibarr dolibarr erp\/crm/7.0.2