logo

Database

Server side cross-site scripting In dolibarr/dolibarr

Description

Dolibarr Cross-site Scripting vulnerability A cross-site scripting (XSS) vulnerability in the Product module of Dolibarr v21.0.0-beta allows attackers to execute arbitrary web scripts or HTMl via a crafted payload injected into the Title parameter.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version

Aliases

1. CVE-2024-552282. NVD-2024-552283. OSV-2024-552284. GCVE-2024-55228

References

1. https://github.com/Dolibarr/dolibarr/commit/56710ce9b79a97df093f586c90bdaf6cce6a58082. https://github.com/Dolibarr/dolibarr/commit/9aa24d9d9aeab36358c725dae3fe20c9631082e73. https://github.com/Dolibarr/dolibarr/commit/c0250e4c9106b5c889e512a4771f0205d4f99b994. https://gist.github.com/Dqtdqt/a942bbce9a5fc851dce366902411c7685. https://github.com/Dolibarr/dolibarr/security/policy

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.