Dolibarr is vulnerable to a cross-site scripting (XSS) attack. The "Send all emails to (test purpose)" field in the "outgoing email setup" feature at the /admin/mails.php?action=edit URI is not sanitized properly, allowing an attacker to inject malicious script through it.

CPE Name | Operator | Version |
---|---|---|
dolibarr/dolibarr | le | 10.0.2 |