CVE-2020-11823 · Vexday

CVE-2020-11823

EPSS 0.7%

In Dolibarr 10.0.6, if USER_LOGIN_FAILED is active, there is a stored XSS vulnerability on the admin tools --> audit page. This may lead to stealing of the admin account.

Affected products

n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://fatihhcelik.blogspot.com/2020/04/dolibarr-stored-xss.html