Vulnerabilities > Dolibarr > Dolibarr > 10.0.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-03-16 | CVE-2019-19212 | Cross-site Scripting vulnerability in Dolibarr Dolibarr ERP/CRM 3.0 through 10.0.3 allows XSS via the qty parameter to product/fournisseurs.php (product price screen). | 7.5 |
2020-03-16 | CVE-2019-19211 | Cross-site Scripting vulnerability in Dolibarr Dolibarr ERP/CRM before 10.0.3 has an Insufficient Filtering issue that can lead to user/card.php XSS. | 4.3 |