Description There is HTML Injection in the Note field in Dolibarr ERP/CRM 10.0.2 via user/note.php. Remediation References CVE-2019-17223 Related Vulnerabilities WordPress Plugin WP Download Codes Cross-Site Scripting (2.5.1) Jboss EAP CVE-2012-5626 Vulnerability (CVE-2012-5626) Apache Tomcat Deserialization of Untrusted Data Vulnerability (CVE-2021-25329) WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-28040) WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.39) Severity Medium Classification CVE-2019-17223 CWE-707 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Tags Missing Update Known Vulnerabilities