CVE-2019-19210

2020-03-16T15:15:00
ID CVE-2019-19210
Type cve
Reporter cve@mitre.org
Modified 2020-03-18T18:30:00

Description

Dolibarr ERP/CRM before 10.0.3 allows XSS because uploaded HTML documents are served as text/html despite being renamed to .noexe files.