| ID | CVE-2020-13239 | ||||||
| Sažetak | The DMS/ECM module in Dolibarr 11.0.4 renders user-uploaded .html files in the browser when the attachment parameter is removed from the direct download link. This causes XSS. | ||||||
| Reference | |||||||
| CVSS |
|
||||||
| Pristup |
|
||||||
| Impact |
|
||||||
| CVSS vektor | AV:N/AC:M/Au:S/C:N/I:P/A:N | ||||||
| Zadnje važnije ažuriranje | 17-11-2022 - 17:21 | ||||||
| Objavljeno | 20-05-2020 - 15:15 |

