
Dolibarr <= 10.0.2 Multiple Vulnerabilities (CVE-2019-17223, CVE-2019-17576, CVE-2019-17577, CVE-2019-17578)

Severity
CVSSv3 Score
5.4
Vulnerability description

Dolibarr is prone to multiple vulnerabilities.

Risk description

The following vulnerabilities exist:

- HTML Injection in the Note field via user/note.php.
- XSS via the outgoing email setup feature in the admin/mails.php URI, via the "Email used for error returns emails" field, the "Send all emails to" field and the "Sender email for automatic emails" field.

Successful exploitation would allow an attacker to inject arbitrary HTML and JavaScript into the site.

Recommendation

Update to version 10.0.3 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Oct 15, 2019
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available