CVE-2020-9016: XSS
First published: Sun Feb 16 2020(Updated: )
Dolibarr 11.0 allows XSS via the joinfiles, topic, or code parameter, or the HTTP Referer header.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dolibarr Dolibarr Erp\/crm | =11.0.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for Dolibarr 11.0?
The vulnerability ID for Dolibarr 11.0 is CVE-2020-9016.
What is the severity of CVE-2020-9016?
The severity of CVE-2020-9016 is medium.
How does Dolibarr 11.0 allow XSS?
Dolibarr 11.0 allows XSS via the joinfiles, topic, or code parameter, or the HTTP Referer header.
Which version of Dolibarr is affected by CVE-2020-9016?
Dolibarr 11.0 is affected by CVE-2020-9016.
Is there a fix available for CVE-2020-9016?
Yes, a fix for CVE-2020-9016 is available.
- collector/nvd-index
- agent/event
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/type
- agent/tags
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/dolibarr
- canonical/dolibarr dolibarr erp\/crm
- version/dolibarr dolibarr erp\/crm/11.0.0