dolibarr/dolibarr is vulnerable to cross-site scripting (XSS). The vulnerability exists as it is possible to upload a SVG with a XSS payload and cause the script to be executed when rendered in viewimage.php
.
CPE | Name | Operator | Version |
---|---|---|---|
dolibarr/dolibarr | le | 11.0.3 | |
dolibarr/dolibarr | le | 11.0.3 |