CVE-2020-13239: Cross-site Scripting
The DMS/ECM module in Dolibarr renders user-uploaded .html files in the browser when the attachment parameter is removed from the direct download link. Rendering these files directly may lead to XSS.
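The following is an added illustration, not Dolibarr's code: it models a download handler's response headers and contrasts a disposition that follows the client-supplied `attachment` parameter with one decided server-side from the file type. Only the parameter name comes from the advisory; the function names, the type allowlist and the sample filenames are assumptions.

```python
import mimetypes
import os

# Assumption: types this hypothetical application is willing to display inline.
# Anything else (HTML, SVG, XML, unknown) is treated as potentially active content.
INLINE_SAFE = {"image/png", "image/jpeg", "image/gif", "application/pdf", "text/plain"}


def _guess(filename):
    return mimetypes.guess_type(filename)[0] or "application/octet-stream"


def vulnerable_headers(filename, query):
    """Disposition is chosen by the request: dropping 'attachment' yields inline."""
    disposition = "attachment" if "attachment" in query else "inline"
    name = os.path.basename(filename)
    return {
        "Content-Type": _guess(filename),
        "Content-Disposition": f'{disposition}; filename="{name}"',
    }


def hardened_headers(filename, query):
    """Disposition is chosen by the server; the parameter can only request a download."""
    ctype = _guess(filename)
    name = os.path.basename(filename).replace('"', "")
    if ctype in INLINE_SAFE and "attachment" not in query:
        disposition = "inline"
    else:
        disposition = "attachment"
        if ctype not in INLINE_SAFE:
            # Do not label uploaded markup as renderable content.
            ctype = "application/octet-stream"
    return {
        "Content-Type": ctype,
        "Content-Disposition": f'{disposition}; filename="{name}"',
        # Stop the browser from sniffing the body back into text/html.
        "X-Content-Type-Options": "nosniff",
        # Defence in depth: if the file is rendered anyway, scripts do not run.
        "Content-Security-Policy": "sandbox",
    }


if __name__ == "__main__":
    # Constructed sample requests: an uploaded HTML file with and without the parameter.
    for q in ({"attachment": "1"}, {}):
        print(q, vulnerable_headers("report.html", q))
        print(q, hardened_headers("report.html", q))
```
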
References