
Dolibarr <= 10.0.1 XSS Vulnerability CVE-2019-16197

Severity
CVSSv3 Score: 6.1
Vulnerability description

Dolibarr is prone to a cross-site scripting (XSS) vulnerability.

Risk description

The vulnerability exists within htdocs/societe/card.php, where the value of the User-Agent HTTP header is copied into the HTML document as plain text between tags. Successful exploitation would allow an authenticated attacker to inject arbitrary HTML and JavaScript into the site.

Recommendation

Update to version 10.0.2 or later.

Codename: Not available
Detectable with: Network Scanner
Scan engine: OpenVAS
Exploitable with Sniper: No
CVE Published: Sep 16, 2019
Detection added at
Software Type: Not available
Vendor: Not available
Product: Not available