Security Advisory

CVE-2021-47779

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-15 23:25:36

Last updated 2026-04-07 14:06:08

Assigner VulnCheck

State PUBLISHED

Description

Dolibarr ERP-CRM 14.0.2 contains a stored cross-site scripting vulnerability in the ticket creation module that allows low-privilege users to inject malicious scripts. Attackers can craft a specially designed ticket message with embedded JavaScript that triggers when an administrator copies the text, potentially enabling privilege escalation.

← Browse all CVEs View on cve.org ↗