Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2021-33618

Disclosure Date: November 10, 2021 (last updated February 23, 2025)
Dolibarr ERP and CRM 13.0.2 allows XSS via object details, as demonstrated by > and < characters in the onpointermove attribute of a BODY element to the user-management feature.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0