Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWN4dnItcjkybS1xOWh3

Moderate EPSS: 0.01707% (0.81507 Percentile) EPSS:
Permalink JSON

XSS in Dolibarr

Affected Packages Affected Versions Fixed Versions
packagist:dolibarr/dolibarr < 11.0.4 11.0.4
0 Dependent packages
6 Dependent repositories
5,123 Downloads total

Affected Version Ranges

All affected versions

3.6.0, 3.6.0-beta, 3.6.1, 3.6.2, 3.6.3, 3.6.4, 3.6.5, 3.6.6, 3.7.0, 3.7.1, 3.7.2, 3.7.3, 3.7.4, 3.8.0, 3.8.0-beta, 3.8.1, 3.8.2, 3.8.3, 3.8.4, 3.9.0, 3.9.0-rc, 3.9.0-rc2, 3.9.1, 3.9.2, 3.9.3, 3.9.4, 4.0.0, 4.0.0-beta, 4.0.0-rc, 4.0.0-rc2, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.5, 4.0.6, 5.0.0, 5.0.0-beta, 5.0.0-rc1, 5.0.0-rc2, 5.0.1, 5.0.2, 5.0.3, 5.0.4, 5.0.5, 5.0.6, 5.0.7, 6.0.0, 6.0.0-beta, 6.0.0-rc, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, 6.0.7, 6.0.8, 7.0.0, 7.0.1, 7.0.2, 7.0.3, 7.0.4, 7.0.5, 8.0.0, 8.0.1, 8.0.2, 8.0.3, 8.0.4, 8.0.5, 8.0.6, 9.0.0, 9.0.1, 9.0.2, 9.0.3, 9.0.4, 10.0.0, 10.0.1, 10.0.2, 10.0.3, 10.0.4, 10.0.5, 10.0.6, 10.0.7, 11.0.0, 11.0.1, 11.0.2, 11.0.3

All unaffected versions

11.0.4, 11.0.5, 12.0.0, 12.0.1, 12.0.2, 12.0.3, 12.0.4, 12.0.5, 13.0.0, 13.0.1, 13.0.2, 13.0.3, 13.0.4, 13.0.5, 14.0.0, 14.0.1, 14.0.2, 14.0.3, 14.0.4, 14.0.5, 15.0.0, 15.0.1, 15.0.2, 15.0.3

Dolibarr before 11.0.4 allows XSS.

References:

Identifiers

GHSA-cxvr-r92m-q9hw

CVE-2020-13094

Risk

Severity

Moderate

EPSS

EPSS Percentage: 0.01707

EPSS Percentile: 0.81507

Classification

General

Source

GitHub Advisory Database

Origin

Unspecified

Repository

https://github.com/Dolibarr/dolibarr

Date and time

Published

over 5 years ago

Updated

almost 3 years ago

API

JSON