Dolibarr 6.0.4 is affected by: Cross Site Scripting (XSS). The impact is: Cookie stealing. The component is: htdocs/product/stats/card.php. The attack vector is: Victim must click a specially crafted link sent by the attacker.
[
{
"product": "Dolibarr",
"vendor": "Dolibarr ERP & CRM",
"versions": [
{
"status": "affected",
"version": "6.0.4"
}
]
}
]