PT-2019-11436 · Dolibarr · Dolibarr
Theflink · Published 2019-07-15 · Updated 2022-11-17 · CVE-2019-1010016
CVSS v3.1: 6.1 (Medium)
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions:
Dolibarr version 6.0.4
Description:
The issue affects the htdocs/product/stats/card.php component and allows for Cross-Site Scripting (XSS), which can lead to cookie stealing. The attack vector involves a victim clicking a specially crafted link sent by the attacker.
Recommendations:
For Dolibarr version 6.0.4, consider restricting access to the htdocs/product/stats/card.php component until a fix is available. As a temporary workaround, avoid clicking on links from untrusted sources to minimize the risk of exploitation.
Exploit
Fix
XSS
Affected Products
Dolibarr