Security Advisory

CVE-2019-16687

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-09-27 19:11:34

Last updated 2024-08-05 01:17:41

Assigner mitre

State PUBLISHED

Description

Dolibarr 9.0.5 has stored XSS in a User Profile in a Signature section to card.php. A user with the "Create/modify other users, groups and permissions" privilege can inject script and can also achieve privilege escalation.

← Browse all CVEs View on cve.org ↗