Security Advisory
CVE-2019-19210
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
Dolibarr ERP/CRM before 10.0.3 allows XSS because uploaded HTML documents are served as text/html despite being renamed to .noexe files.