CVE-2022-30875Cross-site Scripting in ERP CRM

CWE-79Cross-site Scripting4 documents4 sources
Severity
6.1MEDIUMNVD
EPSS
0.3%
top 49.76%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Dolibarr ERP CRM
Timeline
PublishedJun 8
Latest updateJun 9

Description

Dolibarr 12.0.5 is vulnerable to Cross Site Scripting (XSS) via Sql Error Page.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages1 packages

🔴Vulnerability Details

3
GHSA
Cross-site Scripting in Dolibarr2022-06-09
OSV
Cross-site Scripting in Dolibarr2022-06-09
CVEList
CVE-2022-30875: Dolibarr 122022-06-08
CVE-2022-30875 — Cross-site Scripting in ERP CRM | cvebase