Vulnerabilities > Dolibarr > Dolibarr > 10.0.3

DATE CVE VULNERABILITY TITLE RISK
2020-03-16 CVE-2019-19212 Cross-site Scripting vulnerability in Dolibarr
Dolibarr ERP/CRM 3.0 through 10.0.3 allows XSS via the qty parameter to product/fournisseurs.php (product price screen).
network
low complexity
dolibarr CWE-79
7.5
7.5
2020-03-16 CVE-2019-19211 Cross-site Scripting vulnerability in Dolibarr
Dolibarr ERP/CRM before 10.0.3 has an Insufficient Filtering issue that can lead to user/card.php XSS.
network
dolibarr CWE-79
4.3
4.3