CVE Identifier: CVE-2021-25955 Date: August 15, 2021 Vulnerability Type: Stored XSS Affected Module: Dolibarr ERP CRM, WYSIWYG Editor Language: PHP Severity Score: 9.0 Weakness Type: CWE CVSS v3.1: - Base Score: 9.0 - Attack Vector (AV): Network - Attack Complexity (AC): Low - Privileges Required (PR): Low - User Interaction (UI): Required - Scope (S): Changed - Confidentiality (C): High - Integrity (I): High - Availability (A): High Related Resources: - https://github.com/Dolibarr/dolibarr/commit/796b2d201acb9938b903fb2afa297db289ecc93e - https://nvd.nist.gov/vuln/detail/CVE-2021-25955 - https://github.com/Dolibarr/dolibarr - https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25955 - https://www.mend.io/vulnerability-database/CVE-2021-25955