EPSS
Percentile
24.8%
An issue was discovered in Dolibarr 10.0.2. It has XSS via the “outgoing email setup” feature in the admin/mails.php?action=edit URI via the “Email used for error returns emails (fields ‘Errors-To’ in emails sent)” field.
github.com/Dolibarr/dolibarr
mycvee.blogspot.com/p/cve-2019-17576.html
nvd.nist.gov/vuln/detail/CVE-2019-17577