CVE-2011-4814

Dolibarr < 3.1.0 - Cross-Site Scripting via PATH_INFO and optioncss Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2011-4814. PoCs published by High-Tech Bridge SA.

AI-analyzed exploit summary This exploit demonstrates multiple XSS vulnerabilities in Dolibarr 3.1.0 RC by injecting malicious JavaScript via URL parameters. The PoC leverages improper input sanitization to execute arbitrary JavaScript in the context of a victim's browser.

Description

Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr 3.1.0 RC and probably earlier allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) index.php, (2) admin/boxes.php, (3) comm/clients.php, (4) commande/index.php; and the optioncss parameter to (5) admin/ihm.php and (6) user/home.php.

Exploits (1)

exploitdb WORKING POC VERIFIED
by High-Tech Bridge SA · textwebappsphp
https://www.exploit-db.com/exploits/36330

This exploit demonstrates multiple XSS vulnerabilities in Dolibarr 3.1.0 RC by injecting malicious JavaScript via URL parameters. The PoC leverages improper input sanitization to execute arbitrary JavaScript in the context of a victim's browser.

Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: Dolibarr 3.1.0 RC
No auth needed
Prerequisites: Apache's AcceptPathInfo directive set to 'on' or 'default'
MITRE ATT&CK
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

Scores

EPSS 0.0573
EPSS Percentile 92.1%

Details

CWE
CWE-79
Status published
Products (11)
dolibarr/dolibarr_erp\/crm 2.5.0
dolibarr/dolibarr_erp\/crm 2.6.0
dolibarr/dolibarr_erp\/crm 2.6.1
dolibarr/dolibarr_erp\/crm 2.7.0
dolibarr/dolibarr_erp\/crm 2.7.1
dolibarr/dolibarr_erp\/crm 2.8.0
dolibarr/dolibarr_erp\/crm 2.8.1
dolibarr/dolibarr_erp\/crm 2.9.0
dolibarr/dolibarr_erp\/crm 3.0.0
dolibarr/dolibarr_erp\/crm 3.0.1
... and 1 more
Published Dec 14, 2011
Tracked Since Feb 18, 2026