Cross-site Scripting (XSS) - Generic in dolibarr/dolibarr


Reported on

Jul 30th 2020


dolibarr is a modern and easy to use web software to manage your business. The error page is vulnerable to (self) XSS because of lack of escaping on $_SERVER['HTTP_USER_AGENT'] variable before printing it.

The flaw is in the dol_print_error function (in the htdocs/core/lib/functions.lib.php file)


  1. Log into your dolibarr instance
  2. Change your browser user-agent by appending something like <script>alert(document.domain);</script>
  3. Modify the URL in order to throw an error (for example: http://dolibarr/document.php?modulepart=.&attachment=0&file=dddd&&entity=10&&entity=1000&&entity=101&mainmenu=home)
  4. XSS is fired
to join this conversation