Dolibarr is vulnerable to cross-site scripting (XSS) attack. The “Send all emails to(test purpose)” in “outgoing email setup” feature in the /admin/mails.php?action=edit
URI is not sanitized properly, allowing an attacker to inject malicious script through it.