htdocs/user/passwordforgotten.php in Dolibarr 10.0.6 allows XSS via the Referer HTTP header.
{ "cpes": [ "cpe:2.3:a:dolibarr:dolibarr_erp/crm:*:*:*:*:*:*:*:*" ], "severity": "Medium" }