CVE-2020-11823 · Vexday

CVE-2020-11823

EPSS 0.7%

In Dolibarr 10.0.6, if USER_LOGIN_FAILED is active, there is a stored XSS vulnerability on the admin tools --> audit page. This may lead to stealing of the admin account.

Produtos afetados

n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://fatihhcelik.blogspot.com/2020/04/dolibarr-stored-xss.html