PT-2019-15782 · Dolibarr · Dolibarr Erp/Crm
Name of the Vulnerable Software and Affected Versions: Dolibarr CRM/ERP version 10.0.3

Description: The issue allows for Stored XSS due to JavaScript execution in an SVG image used for a profile picture. This is specifically related to the "viewimage.php?file=" endpoint, where an attacker can...
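
A defensive upload check for the class of issue described above, as an added example that is not part of the advisory or of Dolibarr's code: it parses an uploaded SVG and lists script-capable content before the file is accepted as a profile picture. The function names and the sample inputs are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Elements that can run script or embed foreign documents inside an SVG.
ACTIVE_ELEMENTS = {"script", "foreignobject", "iframe", "embed", "object"}
_LEADING = "".join(map(chr, range(0x21)))  # C0 controls and space

def _local(name):
    """Strip the '{namespace}' prefix ElementTree puts on tags/attributes."""
    return name.rsplit("}", 1)[-1].lower()

def _is_script_url(value):
    """True for javascript: URLs, ignoring the whitespace browsers ignore."""
    cleaned = "".join(ch for ch in value if ch not in "\t\r\n")
    return cleaned.lstrip(_LEADING).lower().startswith("javascript:")

def svg_findings(data):
    """Return reasons to refuse an uploaded SVG; an empty list means none found."""
    try:
        text = data.decode("utf-8")
    except UnicodeDecodeError:
        return ["not valid UTF-8"]
    lowered = text.lower()
    # Conservative: refuse DTDs outright so no entity is ever expanded.
    if "\x00" in text or "<!doctype" in lowered or "<!entity" in lowered:
        return ["DOCTYPE, entity declaration or NUL byte"]
    try:
        root = ET.fromstring(text)
    except ET.ParseError as exc:
        return [f"not well-formed XML: {exc}"]
    findings = []
    for el in root.iter():
        name = _local(el.tag)
        if name in ACTIVE_ELEMENTS:
            findings.append(f"<{name}> element")
        for attr, value in el.attrib.items():
            attr = _local(attr)
            if attr.startswith("on"):
                findings.append(f"event handler {attr} on <{name}>")
            elif _is_script_url(value):
                findings.append(f"javascript: URL in {attr} on <{name}>")
    return findings

# Constructed sample inputs (not taken from the advisory).
CLEAN = b'<svg xmlns="http://www.w3.org/2000/svg"><circle r="30"/></svg>'
ACTIVE = (b'<svg xmlns="http://www.w3.org/2000/svg" '
          b'xmlns:xlink="http://www.w3.org/1999/xlink" onload="void 0">'
          b'<script>void 0</script>'
          b'<a xlink:href=" JavaScript:void(0)"><text>x</text></a></svg>')

if __name__ == "__main__":
    for label, sample in (("clean", CLEAN), ("active", ACTIVE)):
        print(label, svg_findings(sample))
```

A deny-list screen like this complements, rather than replaces, serving uploaded images with a restrictive Content-Security-Policy or as attachments.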