Candidate: CVE-2015-3935
PublicDate: 2015-06-10 14:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3935
 https://github.com/Dolibarr/dolibarr/issues/2857
 https://github.com/GPCsolutions/dolibarr/commit/a7f6bbd316e9b96216e9b2c7a065c9251c9a8907
 https://github.com/Dolibarr/dolibarr/pull/2866
Description:
 Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ERP/CRM 3.5
 and 3.6 allow remote attackers to inject arbitrary web script or HTML via
 the Business Search (search_nom) field to (1) htdocs/societe/societe.php or
 (2) htdocs/societe/admin/societe.php.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_dolibarr:
upstream_dolibarr: released (3.5.7+dfsg1-1)
precise_dolibarr: DNE
precise/esm_dolibarr: DNE
trusty_dolibarr: not-affected (3.3.4-3)
trusty/esm_dolibarr: DNE (trusty was not-affected [3.3.4-3])
utopic_dolibarr: ignored (reached end-of-life)
vivid_dolibarr: ignored (reached end-of-life)
vivid/stable-phone-overlay_dolibarr: DNE
vivid/ubuntu-core_dolibarr: DNE
wily_dolibarr: ignored (reached end-of-life)
xenial_dolibarr: not-affected (3.5.7+dfsg1-1)
yakkety_dolibarr: ignored (reached end-of-life)
zesty_dolibarr: ignored (reached end-of-life)
artful_dolibarr: ignored (reached end-of-life)
bionic_dolibarr: DNE
devel_dolibarr: DNE