AI Score
Confidence
High
EPSS
Percentile
45.3%
A reflected cross-site scripting (XSS) vulnerability in Dolibarr 11.0.4 and below allows remote attackers to inject arbitrary web script or HTML into public/notice.php (related to transphrase and transkey).
github.com/Dolibarr/dolibarr
github.com/Dolibarr/dolibarr/commit/22ca5e067189bffe8066df26df923a386f044c08
nvd.nist.gov/vuln/detail/CVE-2020-14475