2020-03-16 14:54:33
mitre
PUBLISHED
Dolibarr ERP/CRM before 10.0.3 allows XSS because uploaded HTML documents are served as text/html despite being renamed to .noexe files.