CVE-2022-30875
published 2022-06-08CVE-2022-30875: Dolibarr 12.0.5 is vulnerable to Cross Site Scripting (XSS) via Sql Error Page.
PriorityP425medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
EPSS
0.66%
46.8th percentile
Dolibarr 12.0.5 is vulnerable to Cross Site Scripting (XSS) via Sql Error Page.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dolibarr | dolibarr_erp_crm | — | — |
CVSS provenance
nvdv3.16.1MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
Cross-site Scripting in Dolibarr
ghsa·2022-06-09
CVE-2022-30875 [MEDIUM] CWE-79 Cross-site Scripting in Dolibarr
Cross-site Scripting in Dolibarr
Dolibarr 12.0.5 is vulnerable to Cross Site Scripting (XSS) via Sql Error Page.
OSV
Cross-site Scripting in Dolibarr
osv·2022-06-09
CVE-2022-30875 [MEDIUM] Cross-site Scripting in Dolibarr
Cross-site Scripting in Dolibarr
Dolibarr 12.0.5 is vulnerable to Cross Site Scripting (XSS) via Sql Error Page.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://github.com/mustgundogdu/Research/edit/main/Dolibar_12.0.5-ReflectedXSS%2Chttps://github.com/mustgundogdu/Research/edit/main/Dolibar_12.0.5-ReflectedXSS/README.mdhttps://github.com/mustgundogdu/Research/edit/main/Dolibar_12.0.5-ReflectedXSS%2Chttps://github.com/mustgundogdu/Research/edit/main/Dolibar_12.0.5-ReflectedXSS/README.md
2022-06-08
Published