CVE-2021-47779HIGHCVSS 8.4v14.0.22026-01-16
CVE-2021-47779 [HIGH] CWE-79 CVE-2021-47779: Dolibarr ERP-CRM 14.0.2 contains a stored cross-site scripting vulnerability in the ticket creation
Dolibarr ERP-CRM 14.0.2 contains a stored cross-site scripting vulnerability in the ticket creation module that allows low-privilege users to inject malicious scripts. Attackers can craft a specially designed ticket message with embedded JavaScript that triggers when an administrator copies the text, potentially enabling privilege escalation.
cvelistv5nvd