CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-19993

A reflected cross-site scripting (XSS) vulnerability in Dolibarr 8.0.2 allows remote attackers to inject arbitrary web script or HTML via the transphrase parameter to public/notice.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 54.8%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

https://github.com/Dolibarr/dolibarr/commit/fc3fcc5455d9a610b85723e89e8be43a41ad1378
https://github.com/Dolibarr/dolibarr/commit/fc3fcc5455d9a610b85723e89e8be43a41ad1378

Products affected by CVE-2018-19993

Dolibarr » Dolibarr Erp/crm » Version: 8.0.2

cpe:2.3:a:dolibarr:dolibarr_erp/crm:8.0.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-19993

Products

Pricing

Contact Us