EPSS
Percentile
42.8%
dolibarr is vulnerable to cross site scripting (XSS). An attacker is able to exploit the vulnerability by storing malicious scripts in the “Private Note” field at “/adherents/note.php?id=1” endpoint which are executed in a victim’s browser.
github.com/Dolibarr/dolibarr/commit/796b2d201acb9938b903fb2afa297db289ecc93e
www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25955