An issue exists in Dolibarr up to and including 7.0.0. There is Stored XSS in expensereport/card.php in the expense reports plugin via the comments parameter, or a public or private note.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
dolibarr dolibarr |
Vulmon