0.001 Low
EPSS
Percentile
50.5%
htdocs/user/passwordforgotten.php in Dolibarr 10.0.6 allows XSS via the Referer HTTP header.
github.com/tufangungor/tufangungor.github.io/blob/master/_posts/2020-01-19-dolibarr-10.0.6-xss-in-http-header.md
tufangungor.github.io/exploit/2020/01/18/dolibarr-10.0.6-xss-in-http-header.html