Lucene search
Veracode Vulnerability DatabaseVERACODE:21731HistoryOct 17, 2019 - 6:51 a.m.
Cross-Site Scripting (XSS)
2019-10-1706:51:05
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
0.001 Low
EPSS
Percentile
25.0%
Dolibarr is vulnerable to cross-site scripting (XSS) attack. The “Send all emails to(test purpose)” in “outgoing email setup” feature in the /admin/mails.php?action=edit URI is not sanitized properly, allowing an attacker to inject malicious script through it.
| CPE | Name | Operator | Version |
|---|---|---|---|
| dolibarr/dolibarr | le | 10.0.2 | |
| dolibarr/dolibarr | le | 10.0.2 |
References
Related
prion
prion
Design/Logic Flaw
2019-10-16 18:15:00
ubuntucve
ubuntucve
CVE-2019-17576
2019-10-16 00:00:00
osv
osv
CVE-2019-17576
2019-10-16 18:15:25
Dolibarr Cross-site Scripting via outgoing email setup feature
2022-05-24 16:58:57
Dolibarr Cross-site Scripting via outgoing email setup feature
2022-05-24 16:58:57
cvelist
cvelist
CVE-2019-17576
2019-10-16 17:53:27
github
github
Dolibarr Cross-site Scripting via outgoing email setup feature
2022-05-24 16:58:57
cve
cve
CVE-2019-17576
2019-10-16 18:15:25
nvd
nvd
CVE-2019-17576
2019-10-16 18:15:25
openvas
openvas
Dolibarr <= 10.0.2 Multiple Vulnerabilities
2019-12-09 00:00:00