CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

CVE-2023-6905

CVE-2023-6903

CVE-2023-6904

CVE-2023-3907

admin/limits.php in Dolibarr 7.0.2 allows HTML injection, as demonstrated by the MAIN_MAX_DECIMALS_TOT parameter.

Permalink

main

Switch branches/tags

**Research/Dolibar\_7.0.2-StoredXSS/**README.md****

Go to file

*   Go to file

*   Copy path
*   Copy permalink

![@mustgundogdu](https://avatars.githubusercontent.com/u/44906987?s=48&v=4)

mustgundogdu Update README.md

Latest commit acabadc Jan 1, 2022

**History**

**1** contributor

**Users who have contributed to this file**

Dolibar\_7.0.2 Stored XSS (Authenticated) Path : http://localhost/admin/limits.php Burp Suite Request \-> Follow Redirection Burp Suite Response Stored XSS Exploit On Dolibarr 7.0.2 as Gif

18 lines (9 sloc) 539 Bytes

Raw Blame

*   Open with Desktop
*   View raw
*   Copy raw contents
*   View blame

**Dolibar\_7.0.2 Stored XSS (Authenticated)****Path : http://localhost/admin/limits.php****Burp Suite Request**

![](https://github.com/mustgundogdu/Research/raw/main/Dolibar_7.0.2-StoredXSS/burpdolibarrequest.PNG)

**\-> Follow Redirection****Burp Suite Response**

![](https://github.com/mustgundogdu/Research/raw/main/Dolibar_7.0.2-StoredXSS/burpfollowResponse.PNG)

**Stored XSS Exploit On Dolibarr 7.0.2 as Gif**

![](https://github.com/mustgundogdu/Research/raw/main/Dolibar_7.0.2-StoredXSS/exploitdolibarstoredxss.gif)

Headline

CVE-2022-22293: Research/README.md at main · mustgundogdu/Research

CVE: Latest News