Fluid Attacks Database

Description

Dolibarr Cross-site Scripting via outgoing email setup feature An issue was discovered in Dolibarr 10.0.2. It has XSS via the "outgoing email setup" feature in the /admin/mails.php?action=edit URI via the "Send all emails to (instead of real recipients, for test purposes)" field.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version
packagist	dolibarr/dolibarr	=10.0.2

Aliases

1. CVE-2019-175762. NVD-2019-175763. OSV-2019-175764. GCVE-2019-17576

References

1. https://mycvee.blogspot.com/p/blog-page.html