Vulnerabilities

CVE-2021-33618

by Fred · 10/11/2021

Dolibarr ERP and CRM 13.0.2 allows XSS via object details, as demonstrated by > and < characters in the onpointermove attribute of a BODY element to the user-management feature. Date published : 2021-11-10 http://seclists.org/fulldisclosure/2021/Nov/38

https://github.com/Dolibarr/dolibarr/releases

Similar

Tags: Cybersecurity Alert