An issue exists in Dolibarr 10.0.2. It has XSS via the "outgoing email setup" feature in the admin/mails.php?action=edit URI via the "Sender email for automatic emails (default value in php.ini: Undefined)" field.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dolibarr dolibarr erp\\/crm 10.0.2 |