An issue exists in Dolibarr 10.0.2. It has XSS via the "outgoing email setup" feature in the /admin/mails.php?action=edit URI via the "Send all emails to (instead of real recipients, for test purposes)" field.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dolibarr dolibarr erp\\/crm 10.0.2 |