Security Advisory

CVE-2020-36966

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-30 16:16:37

Last updated 2026-03-05 01:27:12

Assigner VulnCheck

State PUBLISHED

Description

Dolibarr 11.0.3 contains a persistent cross-site scripting vulnerability in LDAP synchronization settings that allows attackers to inject malicious scripts through multiple parameters. Attackers can exploit the host, slave, and port parameters in /dolibarr/admin/ldap.php to execute arbitrary JavaScript and potentially steal user cookie information.

← Browse all CVEs View on cve.org ↗