CVE-2020-14475
Description
A reflected cross-site scripting (XSS) vulnerability in Dolibarr 11.0.3 allows remote attackers to inject arbitrary web script or HTML into public/notice.php (related to transphrase and transkey).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Reflected XSS in Dolibarr 11.0.3 via `public/notice.php` allows remote attackers to inject arbitrary web script or HTML through the `transphrase` and `transkey` parameters.
Vulnerability
Overview
CVE-2020-14475 describes a reflected cross-site scripting (XSS) vulnerability in Dolibarr ERP/CRM version 11.0.3. The flaw resides in the public/notice.php script, where user-supplied input passed via the transphrase and transkey parameters is insufficiently sanitized before being output to the browser [1][2]. The official description confirms that remote attackers can inject arbitrary web script or HTML through these parameters.
Exploitation
Details
An attacker can exploit this vulnerability by crafting a malicious URL that includes a transphrase or transkey parameter containing JavaScript or HTML. The script is then reflected back to the victim's browser in the response from public/notice.php. No authentication is required for this endpoint, making it accessible to unauthenticated remote attackers. The attack surface is the publicly accessible notice.php page, which may be reachable without any login [2][3].
Impact
Successful exploitation allows an attacker to execute arbitrary client-side scripts in the context of the victim's session. This can lead to session hijacking, defacement of the application interface, or redirection to malicious sites. The impact is limited to the browser session but can be leveraged for further attacks against authenticated users.
Mitigation
Status
The Dolibarr project addressed this vulnerability in commit 22ca5e067189bffe8066df26df923a386f044c08, which routes the reflected values through dol_escape_htmltag() so they are HTML-escaped before output [3]. Users should upgrade to a version that includes this patch. No official workarounds have been published, but applying the commit or updating to a newer release (e.g., 11.0.4 or later) mitigates the issue. This CVE is not currently listed in the Known Exploited Vulnerabilities (KEV) catalog.
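The escaping the fix relies on, shown as an added example that is not Dolibarr's own code: a hypothetical handler that reflects `transkey` and `transphrase` the way the unpatched page did, beside the hardened form that escapes every reflected value for its HTML context, plus a small check a reviewer can run to confirm raw markup no longer survives the round trip.

```php
<?php
// Added example (not Dolibarr's code). The handler is hypothetical; only the
// parameter names (transkey, transphrase) come from the CVE description.
declare(strict_types=1);

/** Vulnerable pattern: request input is concatenated into HTML unchanged. */
function render_notice_unsafe(array $query): string
{
    $key    = (string) ($query['transkey'] ?? '');
    $phrase = (string) ($query['transphrase'] ?? '');
    return "<p class=\"notice\" data-key=\"{$key}\">{$phrase}</p>";
}

/** Escape for HTML text and double-quoted attribute contexts. */
function esc(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

/** Hardened pattern: each reflected value passes through esc() before output. */
function render_notice_safe(array $query): string
{
    $key    = esc((string) ($query['transkey'] ?? ''));
    $phrase = esc((string) ($query['transphrase'] ?? ''));
    return "<p class=\"notice\" data-key=\"{$key}\">{$phrase}</p>";
}

/**
 * Review check: true when the input contained markup and that markup is
 * still present verbatim in the rendered page (i.e. it was not escaped).
 */
function reflects_raw_markup(string $html, string $input): bool
{
    return $input !== strip_tags($input) && str_contains($html, $input);
}

// Constructed sample input: a harmless inline tag is enough to show the difference.
$sample = ['transkey' => 'greeting', 'transphrase' => '<i>hello</i>'];
$unsafe = render_notice_unsafe($sample);
$safe   = render_notice_safe($sample);

printf("unsafe output reflects raw markup: %s\n", reflects_raw_markup($unsafe, $sample['transphrase']) ? 'yes' : 'no');
printf("safe output reflects raw markup:   %s\n", reflects_raw_markup($safe, $sample['transphrase']) ? 'yes' : 'no');
echo $safe, "\n"; // the <i> tag appears as &lt;i&gt;...&lt;/i&gt; and renders as text
```

Run it with `php example.php`; the first line prints `yes`, the second `no`, which is the property the patch restores.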
- GitHub - Dolibarr/dolibarr: Dolibarr ERP CRM is a modern software package to manage your company or foundation's activity (contacts, suppliers, invoices, orders, stocks, agenda, accounting, ...). It's an open source web application (written in PHP) designed for businesses of any size, foundations and freelancers.
- NVD - CVE-2020-14475
- Fix XSS reported by C. Weiler <sak1.s3curity@gmail.com> in notice.php · Dolibarr/dolibarr@22ca5e0
AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| dolibarr/dolibarr (Packagist) | < 11.0.5 | 11.0.5 |
Affected products
- Dolibarr/Dolibarr
  - OSV coordinates (2 versions): >= 11.0.3, <= 11.0.3, plus 1 more
  - (no CPE) range: >= 11.0.3, <= 11.0.3
  - (no CPE) range: < 11.0.5
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
- github.com/advisories/GHSA-m396-2x3h-v3v4 (GHSA, ADVISORY)
- nvd.nist.gov/vuln/detail/CVE-2020-14475 (GHSA, ADVISORY)
- github.com/Dolibarr/dolibarr/commit/22ca5e067189bffe8066df26df923a386f044c08 (GHSA, x_refsource_MISC, WEB)
News mentions
No linked articles in our index yet.