4 matches found
CVE-2019-16688
Dolibarr 9.0.5 has stored XSS in an Email Template section to mailstemplates.php. A user with no privileges can inject script to attack the admin. This stored XSS can affect all types of user privilege from Admin to users with no permissions...
Linux Distros Unpatched Vulnerability : CVE-2018-10095
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting XSS vulnerability in Dolibarr before 7.0.2 allows remote attackers to inject arbitrary web script or HTML via the foruserlogin parameter to...
CVE-2020-9016
Dolibarr 11.0 allows XSS via the joinfiles, topic, or code parameter, or the HTTP Referer header...
CVE-2020-13094
Dolibarr before 11.0.4 allows XSS...