Multiple vulnerabilities in Dolibarr ERP/CRM

CERT-LatestNews ThreatsCybercrime
Description. The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks. The vulnerability exists due to insufficient sanitization of user-supplied data in multiple parameters in "/dolibarr/htdocs/user/card.php" file.