An issue exists in Dolibarr up to and including 7.0.0. There is Stored XSS in expensereport/card.php in the expense reports plugin via the comments parameter, or a public or private note.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dolibarr dolibarr |