← voltar
CVE-2021-33618

CVE-2021-33618

EPSS 79.3%
Dolibarr ERP and CRM 13.0.2 allows XSS via object details, as demonstrated by > and < characters in the onpointermove attribute of a BODY element to the user-management feature.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://seclists.org/fulldisclosure/2021/Nov/38https://github.com/Dolibarr/dolibarr/releaseshttps://trovent.github.io/security-advisories/TRSA-2105-02/TRSA-2105-02.txthttps://trovent.io/security-advisory-2105-02