What is the vulnerability ID for this issue in Dolibarr ERP CRM?

The vulnerability ID for this issue in Dolibarr ERP CRM is CVE-2021-25955.

What is the severity of CVE-2021-25955?

CVE-2021-25955 has a severity level of critical.

What software versions are affected by CVE-2021-25955?

Versions 2.8.1 to 13.0.2 of Dolibarr ERP CRM's WYSIWYG Editor module are affected by CVE-2021-25955.

How can a low privileged user exploit this vulnerability in Dolibarr ERP CRM?

A low privileged user can exploit this vulnerability by storing malicious scripts in the "Private Note" field at the "/adherents/note.php?id=1" endpoint in Dolibarr ERP CRM's WYSIWYG Editor module.

Vulnerability/
CVE-2021-25955

critical

CWE

15/8/2021

16/9/2024

CVE-2021-25955: Stored XSS in “Dolibarr” leads to privilege escalation

Q: Are there any references or resources related to CVE-2021-25955?

Yes, you can find more information about CVE-2021-25955 in the following references: [GitHub commit](https://github.com/Dolibarr/dolibarr/commit/796b2d201acb9938b903fb2afa297db289ecc93e) and [WhiteSource Software](https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25955).

First published: Sun Aug 15 2021(Updated: )

In “Dolibarr ERP CRM”, WYSIWYG Editor module, v2.8.1 to v13.0.2 are affected by a stored XSS vulnerability that allows low privileged application users to store malicious scripts in the “Private Note” field at “/adherents/note.php?id=1” endpoint. These scripts are executed in a victim’s browser when they open the page containing the vulnerable field. In the worst case, the victim who inadvertently triggers the attack is a highly privileged administrator. The injected scripts can extract the Session ID, which can lead to full Account takeover of the admin and due to other vulnerability (Improper Access Control on Private notes) a low privileged user can update the private notes which could lead to privilege escalation.

Credit: vulnerabilitylab@mend.io

Affected Software	Affected Version	How to fix
Dolibarr Dolibarr	>=2.8.1<=13.0.2

Remedy

https://github.com/Dolibarr/dolibarr/commit/796b2d201acb9938b903fb2afa297db289ecc93e

Remedy

Update to 14.0.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the vulnerability ID for this issue in Dolibarr ERP CRM?
The vulnerability ID for this issue in Dolibarr ERP CRM is CVE-2021-25955.
What is the severity of CVE-2021-25955?
CVE-2021-25955 has a severity level of critical.
What software versions are affected by CVE-2021-25955?
Versions 2.8.1 to 13.0.2 of Dolibarr ERP CRM's WYSIWYG Editor module are affected by CVE-2021-25955.
How can a low privileged user exploit this vulnerability in Dolibarr ERP CRM?
A low privileged user can exploit this vulnerability by storing malicious scripts in the "Private Note" field at the "/adherents/note.php?id=1" endpoint in Dolibarr ERP CRM's WYSIWYG Editor module.
Are there any references or resources related to CVE-2021-25955?
Yes, you can find more information about CVE-2021-25955 in the following references: [GitHub commit](https://github.com/Dolibarr/dolibarr/commit/796b2d201acb9938b903fb2afa297db289ecc93e) and [WhiteSource Software](https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25955).

collector/nvd-index
agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/title
agent/remedy
agent/weakness
agent/severity
agent/author
agent/tags
agent/event
agent/description
agent/first-publish-date
vendor/dolibarr
canonical/dolibarr dolibarr
version/dolibarr dolibarr/2.8.1
version/dolibarr dolibarr/13.0.2

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.