CVE-2020-11823 · Vexday

CVE-2020-11823

EPSS 0.7%

In Dolibarr 10.0.6, if USER_LOGIN_FAILED is active, there is a stored XSS vulnerability on the admin tools --> audit page. This may lead to stealing of the admin account.

Productos afectados

n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://fatihhcelik.blogspot.com/2020/04/dolibarr-stored-xss.html