Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2019-19210

Disclosure Date: March 16, 2020 (last updated February 21, 2025)
Dolibarr ERP/CRM before 10.0.3 allows XSS because uploaded HTML documents are served as text/html despite being renamed to .noexe files.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0