Dolibarr is an application. A modern software package that helps manage your organizationβs activities, Dolibarr ERP CRM versions 2.8.1 through 13.0.2 are vulnerable to a cross-site scripting vulnerability caused by a lack of validation of user-submitted data by the editor module in the software leading to a stored cross-site scripting vulnerability. A low privilege attacker can store malicious script in the private notes field via "/adherents/note.php?id=1".