EPSS
Percentile
33.0%
dolibarr/dolibarr is vulnerable to cross-site scripting (XSS) attacks. Insufficient checks in card.php allow an remote attacker to insert arbitrary Javascript through the ticket creation flow.
card.php
github.com/Dolibarr/dolibarr/commit/facd6abec3e221ff784d5255b4767fb41339e16a
packetstormsecurity.com/files/164544/Dolibarr-ERP-CRM-14.0.2-Cross-Site-Scripting-Privilege-Escalation.html
truedigitalsecurity.com/advisory-summary-2021