Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Stored XSS in “Dolibarr” leads to privilege escalation
Vulnerability Description
In “Dolibarr ERP CRM”, WYSIWYG Editor module, v2.8.1 to v13.0.2 are affected by a stored XSS vulnerability that allows low privileged application users to store malicious scripts in the “Private Note” field at “/adherents/note.php?id=1” endpoint. These scripts are executed in a victim’s browser when they open the page containing the vulnerable field. In the worst case, the victim who inadvertently triggers the attack is a highly privileged administrator. The injected scripts can extract the Session ID, which can lead to full Account takeover of the admin and due to other vulnerability (Improper Access Control on Private notes) a low privileged user can update the private notes which could lead to privilege escalation.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Dolibarr 跨站脚本漏洞
Vulnerability Description
Dolibarr是一个应用软件。一个现代软件包,可帮助管理您组织的活动。 Dolibarr ERP CRM 2.8.1版本至13.0.2版本存在跨站脚本漏洞,该漏洞源于软件中的编辑器模块对于用户提交数据缺乏有效的验证导致了存储型跨站脚本漏洞。低权限的攻击者可以通过"/adherents/note.php?id=1"将恶意脚本存储在私人笔记字段中。受害者打开页面,恶意脚本就会自动执行,攻击者可以通过该方式获得更高的权限。
CVSS Information
N/A
Vulnerability Type
N/A