CNNVD-202601-5065 Information

CNNVD ID

CNNVD-202601-5065

Related CVE

CVE-2020-36966

• CNNVD Published: 2026-01-30

Description (Chinese)

Dolibarr是Dolibarr开源的一个应用软件。可帮助管理用户组织的活动。 Dolibarr 11.0.3版本存在跨站脚本漏洞，该漏洞源于LDAP同步设置中对host、slave和port参数输入清理不当，可能导致存储型跨站脚本攻击。

Description (English)

Dolibar is an application for Dolibar open source. It helps manage the activities of user organizations. Version 11.3 of Dolibarr 11.0.3 contains a cross-site script loophole, which stems from the inappropriate clean-up of post, slave and port parameters in the LDAP Sync settings, which may lead to storage-type cross-site script attacks.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

Dolibarr

Published

2026-01-30

Last Modified

2026-02-24

References

https://www.dolibarr.org/ https://www.exploit-db.com/exploits/48504 https://www.vulncheck.com/advisories/dolibarr-ldapphp-persistent-cross-site-scripting