CVE-2019-19210

Опубликовано: 16 мар. 2020

Источник: debian

Описание

Dolibarr ERP/CRM before 10.0.3 allows XSS because uploaded HTML documents are served as text/html despite being renamed to .noexe files.

Пакет	Статус	Версия исправления	Релиз	Тип
dolibarr	removed			package

CVE-2019-19210

CVSS3: 5.4

ubuntu

почти 6 лет назад

Dolibarr ERP/CRM before 10.0.3 allows XSS because uploaded HTML documents are served as text/html despite being renamed to .noexe files.

CVE-2019-19210

CVSS3: 5.4

nvd

почти 6 лет назад

Dolibarr ERP/CRM before 10.0.3 allows XSS because uploaded HTML documents are served as text/html despite being renamed to .noexe files.

GHSA-87r3-4gc8-f897

CVSS3: 5.4

github

больше 3 лет назад

Dolibarr ERP and CRM contain XSS Vulnerability