Cross-site Scripting (XSS) - Stored in GitHub repository dolibarr/dolibarr prior to 16.0.5.

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v2

Vendors Products
Dolibarr
  • Dolibarr Erp\/crm

Configuration 1 [-]

cpe:2.3:a:dolibarr:dolibarr_erp\/crm:*:*:*:*:*:*:*:*
References
Link Resource
https://github.com/dolibarr/dolibarr/commit/f569048eb2bd823525bce4ef52316e7a83e3345c Patch
https://huntr.com/bounties/aed81114-5952-46f5-ae3a-e66518e98ba3 Exploit Patch Third Party Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: @huntrdev

Published: 2023-10-30T00:00:21.048Z

Updated: 2023-10-30T00:00:21.048Z

Reserved: 2023-10-30T00:00:06.321Z

Link: CVE-2023-5842

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2023-10-30T01:15:22.013

Modified: 2023-11-07T20:38:30.847

Link: CVE-2023-5842

JSON object: View

cve-icon Redhat Information

No data.

CWE