Description

Dolibarr 6.0.4 is affected by: Cross Site Scripting (XSS). The impact is: Cookie stealing. The component is: htdocs/product/stats/card.php. The attack vector is: Victim must click a specially crafted link sent by the attacker.

Remediation

References

CVE-2019-1010016

Related Vulnerabilities

MySQL CVE-2016-5628 Vulnerability (CVE-2016-5628)

WordPress Plugin Contact Form for WordPress-Ultimate Form Builder Lite Multiple Vulnerabilities (1.3.7)

Oracle JRE CVE-2018-2798 Vulnerability (CVE-2018-2798)

WordPress Plugin Thrive Ultimatum Security Bypass (2.3.9.3)

WordPress Plugin WP Js External Link Info Cross-Site Scripting (1.21)

Severity

Medium

Classification

CVE-2019-1010016 CWE-707 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities