Dolibarr Cross Site Scripting (XSS) vulnerability
Moderate severity
GitHub Reviewed
Published
Dec 16, 2021
to the GitHub Advisory Database
•
Updated Apr 24, 2024
Description
Published by the National Vulnerability Database
Dec 15, 2021
Published to the GitHub Advisory Database
Dec 16, 2021
Reviewed
Apr 24, 2024
Last updated
Apr 24, 2024
A Cross Site Scripting (XSS) vulnerability exists in Dolibarr before 14.0.3 via the ticket creation flow. Exploitation requires that an admin copies the payload into a box.
References