PT-2022-20362 · Dolibarr · Dolibarr
Published: 2022-06-08 · Updated: 2025-04-03 · CVE-2022-30875
CVSS v3.1: 6.1 (Medium)
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions
Dolibarr version 12.0.5
Description
The issue is a cross-site scripting (XSS) vulnerability via the SQL error page. An attacker could potentially inject malicious scripts into the website, which would then be executed by the user's browser.
Recommendations
For Dolibarr version 12.0.5, update to a newer version that contains a fix for this issue. As a temporary workaround, consider restricting access to the SQL error page to minimize the risk of exploitation.
Fix
XSS
Weakness Enumeration
Related Identifiers
Affected Products
Dolibarr