Vulnerabilities > Dolibarr > Dolibarr ERP CRM > 21.0.0

DATE CVE VULNERABILITY TITLE RISK
2025-01-27 CVE-2024-55227 Cross-site Scripting vulnerability in Dolibarr Erp/Crm 21.0.0
A cross-site scripting (XSS) vulnerability in the Events/Agenda module of Dolibarr v21.0.0-beta allows attackers to execute arbitrary web scripts or HTMl via a crafted payload injected into the Title parameter.
network
low complexity
dolibarr CWE-79
critical
 9.0
9.0
2025-01-27 CVE-2024-55228 Cross-site Scripting vulnerability in Dolibarr Erp/Crm 21.0.0
A cross-site scripting (XSS) vulnerability in the Product module of Dolibarr v21.0.0-beta allows attackers to execute arbitrary web scripts or HTMl via a crafted payload injected into the Title parameter.
network
low complexity
dolibarr CWE-79
critical
 9.0
9.0