Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-2060: Merge branch 'develop' of [email protected]:Dolibarr/dolibarr.git into d… · Dolibarr/dolibarr@2b5b995

Cross-site Scripting (XSS) - Stored in GitHub repository dolibarr/dolibarr prior to 16.0.

CVE
Open in Source
#xss#git

@@ -446,7 +446,7 @@ print "</tr>\n";
// Date of birth if ($user->rights->hrm->read_personal_information->read || $user->rights->hrm->write_personal_information->write) { if ($user->hasRight('hrm’, 'read_personal_information’, ‘read’) || $user->hasRight('hrm’, 'write_personal_information’, ‘write’)) { print '<tr>’; print '<td>’; print $form->editfieldkey("DateOfBirth", 'birth’, $object->birth, $object, $user->rights->user->user->creer); @@ -457,7 +457,7 @@ }
// Personal email if ($user->rights->hrm->read_personal_information->read || $user->rights->hrm->write_personal_information->write) { if ($user->hasRight('hrm’, 'read_personal_information’, ‘read’) || $user->hasRight('hrm’, 'write_personal_information’, ‘write’)) { print '<tr class="nowrap">’; print '<td>’; print $form->editfieldkey("UserPersonalEmail", 'personal_email’, $object->personal_email, $object, $user->rights->user->user->creer || $user->rights->hrm->write_personal_information->write); @@ -468,7 +468,7 @@ }
// Personal phone if ($user->rights->hrm->read_personal_information->read || $user->rights->hrm->write_personal_information->write) { if ($user->hasRight('hrm’, 'read_personal_information’, ‘read’) || $user->hasRight('hrm’, 'write_personal_information’, ‘write’)) { print '<tr class="nowrap">’; print '<td>’; print $form->editfieldkey("UserPersonalMobile", 'personal_mobile’, $object->personal_mobile, $object, $user->rights->user->user->creer || $user->rights->hrm->write_personal_information->write); @@ -533,7 +533,7 @@ }
// Employee Number if ($user->rights->hrm->read_personal_information->read || $user->rights->hrm->write_personal_information->write) { if ($user->hasRight('hrm’, 'read_personal_information’, ‘read’) || $user->hasRight('hrm’, 'write_personal_information’, ‘write’)) { print '<tr class="nowrap">’; print '<td>’; print $form->editfieldkey("RefEmployee", 'ref_employee’, $object->ref_employee, $object, $user->rights->user->user->creer || $user->rights->hrm->write_personal_information->write); @@ -544,7 +544,7 @@ }
// National registration number if ($user->rights->hrm->read_personal_information->read || $user->rights->hrm->write_personal_information->write) { if ($user->hasRight('hrm’, 'read_personal_information’, ‘read’) || $user->hasRight('hrm’, 'write_personal_information’, ‘write’)) { print '<tr class="nowrap">’; print '<td>’; print $form->editfieldkey("NationalRegistrationNumber", 'national_registration_number’, $object->national_registration_number, $object, $user->rights->user->user->creer || $user->rights->hrm->write_personal_information->write);

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE
CVE-2023-6905
CVE
CVE-2023-6903
CVE
CVE-2023-6904
CVE
CVE-2023-3907
CVE