Critical severity9.8NVD Advisory· Published Mar 16, 2020· Updated Jun 17, 2026
CVE-2019-19212
CVE-2019-19212
Description
Dolibarr ERP/CRM 3.0 through 10.0.3 allows XSS via the qty parameter to product/fournisseurs.php (product price screen).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
dolibarr/dolibarrPackagist | >= 3.0, <= 10.0.3 | — |
Affected products
2- Dolibarr/ERP/CRMdescription
Patches
Vulnerability mechanics
References
7- herolab.usd.de/security-advisories/usd-2019-0054/nvdExploitThird Party Advisory
- github.com/advisories/GHSA-pm57-926c-28mrghsaADVISORY
- herolab.usd.de/en/security-advisories/nvdThird Party Advisory
- nvd.nist.gov/vuln/detail/CVE-2019-19212ghsaADVISORY
- www.dolibarr.org/forum/dolibarr-changelogsnvdVendor AdvisoryWEB
- herolab.usd.de/en/security-advisoriesghsaWEB
- herolab.usd.de/security-advisories/usd-2019-0054ghsaWEB
News mentions
0No linked articles in our index yet.