Количество 4
Количество 4
CVE-2020-13240
The DMS/ECM module in Dolibarr 11.0.4 allows users with the 'Setup documents directories' permission to rename uploaded files to have insecure file extensions. This bypasses the .noexe protection mechanism against XSS.
CVE-2020-13240
The DMS/ECM module in Dolibarr 11.0.4 allows users with the 'Setup documents directories' permission to rename uploaded files to have insecure file extensions. This bypasses the .noexe protection mechanism against XSS.
CVE-2020-13240
The DMS/ECM module in Dolibarr 11.0.4 allows users with the 'Setup doc ...
GHSA-f848-r5g6-6gpf
Dolibarr Stored Cross-site Scripting
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2020-13240 The DMS/ECM module in Dolibarr 11.0.4 allows users with the 'Setup documents directories' permission to rename uploaded files to have insecure file extensions. This bypasses the .noexe protection mechanism against XSS. | CVSS3: 5.4 | 0% Низкий | больше 5 лет назад |
 | CVE-2020-13240 The DMS/ECM module in Dolibarr 11.0.4 allows users with the 'Setup documents directories' permission to rename uploaded files to have insecure file extensions. This bypasses the .noexe protection mechanism against XSS. | CVSS3: 5.4 | 0% Низкий | больше 5 лет назад |
| CVE-2020-13240 The DMS/ECM module in Dolibarr 11.0.4 allows users with the 'Setup doc ... | CVSS3: 5.4 | 0% Низкий | больше 5 лет назад |
| GHSA-f848-r5g6-6gpf Dolibarr Stored Cross-site Scripting | CVSS3: 5.4 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу