4 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-16686
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dolibarr 9.0.5 has stored XSS in a User Note section to note.php. A user with no privileges can inject script to attack the admin. CVE-2019-16686 Note that Ness...
CVE-2019-16686
Dolibarr 9.0.5 has stored XSS in a User Note section to note.php. A user with no privileges can inject script to attack the admin...
Cross-Site Scripting (XSS)
dolibarr/dolibarr is vulnerable to cross-site scripting XSS. The vulnerability exists as it was possible to store XSS payloads in the value of $note in user/note.php. This CVE ID is likely to be the same as CVE-2019-16686...
CVE-2019-16686
Summary of CVE-2019-16686 (Dolibarr 9.0.5) Dolibarr ERP/CRM 9.0.5 contains a stored cross-site scripting (XSS) vulnerability in the User Note feature (note.php). A user with no privileges can inject script to attack the admin. Affected component: Dolibarr 9.0.5; root cause: improper handling/stor...