Vulnerability in N/a

CVE-2026-31018

In Dolibarr ERP & CRM <= 22.0.4, PHP code detection and editing permission enforcement in the Website module is not applied consistently to all input parameters, allowing an authenticated user restricted to HTML/JavaScript editing to injec…

EPSS: 0.000 (15.4th percentile) — read the EPSS interpretation.

Affected products

  • N/a — versions n/a

References