| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| dolibarr/dolibarr | composer | = 12.0.5 | |
The XSS occurs via SQL error messages, which typically involve two components: (1) database error-handling functions that capture raw SQL input and errors, and (2) error page templates that display these messages. The exact code isn't available, but Dolibarr's architecture suggests that DoliDB::error handles SQL exceptions and that error templates render the messages. The vulnerability implies that both components lack proper output sanitization. Confidence is medium: the assessment rests on pattern matching with XSS vulnerabilities in error-handling systems, without direct code evidence.
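The pattern described above, shown as an added PHP example that is not Dolibarr's code: a database error string that echoes request input is rendered once raw and once HTML-encoded at the point of output. The function names and the error text are hypothetical and constructed for illustration.

```php
<?php
// Added illustration; none of these names are Dolibarr's own code.
declare(strict_types=1);

// Constructed sample: a driver error that echoes part of the failing
// statement, including a request parameter that reached the query.
$sqlError = 'You have an error in your SQL syntax near '
          . '\'<img src=x onerror=alert(1)>\' at line 1';

/** Vulnerable pattern: the raw message is concatenated into HTML. */
function renderSqlErrorUnsafe(string $message): string
{
    return '<div class="error">SQL error: ' . $message . '</div>';
}

/** Hardened pattern: encode for the HTML context when writing the page. */
function renderSqlErrorSafe(string $message): string
{
    $encoded = htmlspecialchars($message, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<div class="error">SQL error: ' . $encoded . '</div>';
}

/** Regression check: is there any markup inside the wrapper div? */
function containsUnexpectedTag(string $html): bool
{
    // Strip the wrapper this template adds, then look for a tag opener.
    $inner = preg_replace('#^<div class="error">|</div>$#', '', $html);
    return preg_match('/<[a-zA-Z!\/]/', $inner) === 1;
}

$unsafe = renderSqlErrorUnsafe($sqlError);
$safe   = renderSqlErrorSafe($sqlError);

// The raw rendering carries the injected tag; the encoded one does not.
var_dump(containsUnexpectedTag($unsafe));
var_dump(containsUnexpectedTag($safe));
echo $safe, PHP_EOL;
```

A check like `containsUnexpectedTag` fits in a regression test for error templates, so that any path printing a database message unencoded fails the build.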