2019-09-27 19:09:00
mitre
PUBLISHED
Dolibarr 9.0.5 has stored XSS in a User Note section to note.php. A user with no privileges can inject script to attack the admin.