logo

Database

Reflected cross-site scripting (XSS) In dolibarr/dolibarr

Description

Dolibarr ERP and CRM contain XSS Vulnerability Dolibarr ERP/CRM before 10.0.3 has an Insufficient Filtering issue that can lead to user/card.php XSS.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2019-192112. NVD-2019-192113. OSV-2019-192114. GCVE-2019-19211

References

1. https://herolab.usd.de/en/security-advisories/usd-2019-00532. https://www.dolibarr.org/forum/dolibarr-changelogs

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.